CVE-2025-0591

High

Published: 17 February 2025

Published

17 February 2025

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score 0.0005 14.5th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Description

Out-of-bounds Read vulnerability (CWE-125) was found in CX-Programmer. Attackers may be able to read sensitive information or cause an application crash by abusing this vulnerability.

Security Summary

CVE-2025-0591 is an Out-of-bounds Read vulnerability (CWE-125) found in CX-Programmer. This issue affects the CX-Programmer software and was published on 2025-02-17 with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

Local attackers can exploit this vulnerability with low attack complexity and no privileges required, though user interaction is necessary. Exploitation may enable reading of sensitive information or cause an application crash, leading to high impacts on confidentiality, integrity, and availability.

Omron has issued security advisories OMSR-2025-003 detailing mitigation, available in English at https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2025-003_en.pdf and in Japanese at https://www.fa.omron.co.jp/product/security/assets/pdf/ja/OMSR-2025-003_ja.pdf.

Details

CWE(s): CWE-125

References

https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2025-003_en.pdf
bba440f9-ef23-4224-aa62-7ac0935d18d1
https://www.fa.omron.co.jp/product/security/assets/pdf/ja/OMSR-2025-003_ja.pdf
bba440f9-ef23-4224-aa62-7ac0935d18d1