Published: 2023/01/24  Last Updated: 2023/01/24

Information from OMRON Corporation

Vulnerability ID:JVNVU#94200979
Title:Improper restriction of XML external entity reference (XXE) vulnerability in OMRON CX-Motion Pro

This is a statement from the vendor itself with no modification by JPCERT/CC.

Mr. Michael Heinzl reported us via JPCERT/CC that our CX-Motion Pro had an vulnerability.
We already released the fixed modules by our auto update service in January 2023.

Many thanks to Mr. Michael Heinzl.