CVE-2025-1384

Published Jul 14, 2025

Last updated 3 days ago

CVSS high 7.0

Overview

Description
Least Privilege Violation (CWE-272) Vulnerability exists in the communication function between the NJ/NX-series Machine Automation Controllers and the Sysmac Studio Software. An attacker may use this vulnerability to perform unauthorized access and to execute unauthorized code remotely to the controller products.
Source
bba440f9-ef23-4224-aa62-7ac0935d18d1
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7
Impact score
4.7
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Severity
HIGH

Weaknesses

bba440f9-ef23-4224-aa62-7ac0935d18d1
CWE-272

Social media

Hype score
Not currently trending

  1. CVE-2025-1384 Least Privilege Violation (CWE-272) Vulnerability exists in the communication function between the NJ/NX-series Machine Automation Controllers and the Sysmac Studio Sof… https://t.co/fLvLlIWunW

    @CVEnew

    13 Jul 2025

    499 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.