CVE-2014-2370

CVE-2014-2370: Omron NS Series HMI Improper Neutralization of Input During Web Page Generation

Vendor Omron

Product NS15

Weakness CWE-79 · XSS

Published July 24, 2014

Last update October 6, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Cross-site scripting (XSS) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to inject arbitrary web script or HTML via crafted data.

Key dates

02Disclosure timeline

July 24, 2014 CVE published

October 6, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2014-2370 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

Identifiers

CVE CVE-2014-2370

CWE CWE-79

Affected versions

Vendor Omron

Product NS15

Affected ≥ 8.1xx and < 8.68x

Vendor Omron

Product NS12

Affected ≥ 8.1xx and < 8.68x

Vendor Omron

Product NS10

Affected ≥ 8.1xx and < 8.68x

Vendor Omron

Product NS8

Affected ≥ 8.1xx and < 8.68x

Vendor Omron

Product NS5

Affected ≥ 8.1xx and < 8.68x

CVE-2014-2370: Omron NS Series HMI Improper Neutralization of Input During Web Page Generation

01Description

02Disclosure timeline

03References

04Related CVE