Lucene search
IcscertCVELIST:CVE-2023-0811HistoryMar 16, 2023 - 5:41 p.m.
CVE-2023-0811
2023-03-1617:41:25
CWE-284
icscert
www.cve.org
3
security vulnerability
access control
memory write
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.001
Percentile
35.2%
Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII password (non-keyboard characters) and preventing an engineer from viewing or modifying the user program.
CNA Affected
[
{
"defaultStatus": "unaffected",
"packageName": "CJ2H-CPU6 □ -EIP",
"product": "CJ1M SYSMAC CJ-series",
"vendor": "Omron ",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CJ2H-CPU6 □",
"product": "CJ1M SYSMAC CJ-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CJ2M-CPU □ □",
"product": "CJ1M SYSMAC CJ-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CJ1G-CPU □ □ P",
"product": "CJ1M SYSMAC CJ-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CS1H-CPU □ □ H",
"product": "CJ1M SYSMAC CS-series ",
"vendor": "Omron ",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CS1G-CPU □ □ H",
"product": "CJ1M SYSMAC CS-series ",
"vendor": "Omron ",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CS1D-CPU □ □ HA",
"product": "CJ1M SYSMAC CS-series ",
"vendor": "Omron ",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CS1D-CPU □ □ H",
"product": "CJ1M SYSMAC CS-series ",
"vendor": "Omron ",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CS1D-CPU □ □ SA",
"product": "CJ1M SYSMAC CS-series ",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CS1D-CPU □ □ S",
"product": "CJ1M SYSMAC CS-series ",
"vendor": "Omron ",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CS1D-CPU □ □ P",
"product": "CJ1M SYSMAC CS-series ",
"vendor": "Omron ",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP2E-E □ □ D □ - □",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP2E-S □ □ D □- □",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP2E-N □ □ D □ - □",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP1H-X40D □ - □",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP1H-XA40D □ - □",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP1H-Y20DT-D",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP1L-EL20D □ - □",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP1L-EM □ □ D □ - □",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP1L-L □ □ D □- □",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP1L-M □ □ D □ - □",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP1E-E □ □ D □ - □",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "CP1E-NA □ □ D □ - □",
"product": "CJ1M SYSMAC CP-series",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "All versions "
}
]
}
]Related
nessus
nessus
Omron CJ1M PLC Improper Access Control (CVE-2023-0811)
2023-05-22 00:00:00
prion
prion
Improper access control
2023-03-16 18:15:00
cve
cve
CVE-2023-0811
2023-03-16 18:15:11
ics
ics
Omron CJ1M PLC
2023-03-14 12:00:00
nvd
nvd
CVE-2023-0811
2023-03-16 18:15:11
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.001
Percentile
35.2%
Related for CVELIST:CVE-2023-0811