CVE Daily

CVE-2025-1384

Least Privilege Violation (CWE-272) Vulnerability exists in the communication fu...

High CVSS 7.0

Overview

Least Privilege Violation (CWE-272) Vulnerability exists in the communication function between the NJ/NX-series Machine Automation Controllers and the Sysmac Studio Software. An attacker may use this vulnerability to perform unauthorized access and to execute unauthorized code remotely to the controller products.

CWE: CWE-272 Published: 2025-07-14T00:15:22.077
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.0 (HIGH)
  • Detected tags: unauth_access (tag impact: HIGH)

Recommended actions:

  • Enforce authentication/authorization; reduce default endpoint exposure.

Recommended tools

Tags