CVE-2024-12298

medium

Description

We found a vulnerability Improper Restriction of XML External Entity Reference (CWE-611) in NB-series NX-Designer. Attackers may be able to abuse this vulnerability to disclose confidential data on a computer.

References

https://www.fa.omron.co.jp/product/security/assets/pdf/ja/OMSR-2025-002_ja.pdf

https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2025-002_en.pdf

Details

Source: Mitre, NVD

Published: 2025-01-14

Updated: 2026-04-15

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N