30 matches found
CVE-2022-31207
The Omron SYSMAC Cx product family PLCs CS series, CJ series, and CP series through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS 9600/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication...
EUVD-2022-48646
Malicious code in bioql PyPI...
EUVD-2022-52789
Malicious code in bioql PyPI...
EUVD-2023-31172
Malicious code in bioql PyPI...
EUVD-2022-52791
Malicious code in bioql PyPI...
CVE-2023-27396
FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...
CVE-2022-45790
The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic...
Omron CJ/CS/CP Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Omron Equipment : Sysmac CJ/CS/CP Series Vulnerability : Improper Control of Interaction Frequency 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...
Omron SYSMAC Missing Authentication (CVE-2023-27396)
FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...
CVE-2023-27396
FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...
CVE-2023-27396
FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...
Design/Logic Flaw
FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...
CVE-2023-27396
FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...
CVE-2023-27396
FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...
Omron SYSMAC CS/CJ/CP Series and NJ/NX Series Plaintext Storage of a Password (CVE-2022-31205)
In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449...D1452 and can be read out using the Omron FINS protocol without any further authentication. This plugin only works with Tenable.ot. Please visit...
Omron CP1L-EL20DR-D Memory Arbitrary Read/Write (CVE-2023-22357)
Active debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication. A remote unauthenticated attacker may read/write in arbitrary area of the device memory, which may lead to overwriting the...
Omron SYSMAC CS/CJ/CP Series 访问控制错误漏洞
The Omron SYSMAC CS/CJ/CP Series is a series of programmable controllers from Omron Corporation Japan. A security vulnerability exists in the Omron SYSMAC CS/CJ/CP Series due to a security issue with the FINS protocol that involves clear-text communication, undefined authentication, and other...
CVE-2023-22357
Active debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication. A remote unauthenticated attacker may read/write in arbitrary area of the device memory, which may lead to overwriting the...
PT-2022-6229 · Omron · Omron Cp1L-El20Dr-D
Name of the Vulnerable Software and Affected Versions: OMRON CP1L-EL20DR-D all versions Description: The issue is related to the implementation of the Factory Interface Network Service FINS protocol in the OMRON CP1L-EL20DR-D programmable logic controller's firmware, specifically due to...
CVE-2022-31207
The Omron SYSMAC Cx product family PLCs CS series, CJ series, and CP series through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS 9600/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication...