Lucene search
K

120 matches found

Cvelist
Cvelist
added 2023/08/03 4:55 a.m.22 views

CVE-2023-38744

Denial-of-service DoS vulnerability due to improper validation of specified type of input issue exists in the built-in EtherNet/IP port of the CJ Series CJ2 CPU unit and the communication function of the CS/CJ Series EtherNet/IP unit. If an affected product receives a packet which is specially...

7.7AI score0.00653EPSS
Exploits0References2
CVE
CVE
added 2023/08/03 4:55 a.m.40 views

CVE-2023-38744

CVE-2023-38744 affects Omron CJ Series EtherNet/IP components: CJ2M CPU Unit (2.18 or earlier), CJ2H CPU Unit (3.04 or earlier), CS/CJ EtherNet/IP Units CS1W-EIP21 (3.04 or earlier) and CJ1W-EIP21 (3.04 or earlier). Root cause is improper validation of a specific input type in the built-in EtherN...

7.5CVSS7.5AI score0.00653EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/08/03 4:45 a.m.4 views

OMRON CJ series and CS/CJ Series EtherNet/IT unit vulnerable to Denial-of-Service (DoS)

Overview Denial-of-service DoS vulnerability due to improper validation of specified type of input CWE-1287 issue exists in the built-in EtherNet/IP port of the CJ Series CJ2 CPU unit and the communication function of the CS/CJ Series EtherNet/IP unit provided by OMRON Corporation. OMRON...

7.5CVSS6.8AI score0.00653EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.4 views

PT-2023-26580 · Omron · Cj2H Cpu Unit +2

Name of the Vulnerable Software and Affected Versions: CJ2M CPU Unit versions 2.18 and earlier CJ2H CPU Unit versions 3.04 and earlier CS/CJ Series EtherNet/IP Unit CS1W-EIP21 versions 3.04 and earlier CS/CJ Series EtherNet/IP Unit CJ1W-EIP21 versions 3.04 and earlier Description: A...

7.5CVSS7.1AI score0.00653EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/08/01 12:0 a.m.5 views

Omron CJ Series Security Vulnerability

The Omron CJ series is a series of small programmable controllers from Omron Corporation Japan. A security vulnerability exists in the Omron CJ Series CJ2 CPU unit and the CS/CJ Series EtherNet/IP unit, which results from a lack of proper validation of specified types of inputs...

7.5CVSS6.8AI score0.00653EPSS
Exploits0References4
Openbugbounty
Openbugbounty
added 2023/07/22 6:24 a.m.19 views

cjfarmermanbestfriendkennel.com Cross Site Scripting vulnerability OBB-3537219

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
NVD
NVD
added 2023/06/19 5:15 a.m.33 views

CVE-2023-27396

FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...

9.8CVSS9.7AI score0.01385EPSS
Exploits1References7
OSV
OSV
added 2023/06/19 5:15 a.m.10 views

CVE-2023-27396

FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...

9.8CVSS5.9AI score0.01385EPSS
Exploits1References7
ICS
ICS
added 2023/04/20 3:30 p.m.31 views

Omron CS/CJ Series

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Omron Equipment: SYSMAC CS/CJ Series Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access...

8.6CVSS8.6AI score0.00536EPSS
Exploits0References4
CISA
CISA
added 2023/04/18 12:0 p.m.3 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS advisories on April 18, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

7AI score
Exploits0References4
CNNVD
CNNVD
added 2023/04/17 12:0 a.m.4 views

Omron SYSMAC CS/CJ/CP Series 访问控制错误漏洞

The Omron SYSMAC CS/CJ/CP Series is a series of programmable controllers from Omron Corporation Japan. A security vulnerability exists in the Omron SYSMAC CS/CJ/CP Series due to a security issue with the FINS protocol that involves clear-text communication, undefined authentication, and other...

9.8CVSS8.3AI score0.01385EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2023/04/17 12:0 a.m.6 views

PT-2023-21095 · Omron · Sysmac Nx1P-Series Cpu Units +4

Name of the Vulnerable Software and Affected Versions: SYSMAC CS-series CPU Units, all versions SYSMAC CJ-series CPU Units, all versions SYSMAC CP-series CPU Units, all versions SYSMAC NJ-series CPU Units, all versions SYSMAC NX1P-series CPU Units, all versions SYSMAC NX102-series CPU Units, all...

9.8CVSS7.6AI score0.01385EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2023/01/18 12:0 a.m.8 views

PT-2023-2420 · Omron · Omron Cs Series

Name of the Vulnerable Software and Affected Versions: Omron CJ-series and CS-series PLCs, all versions Description: The issue is related to the lack of authentication for a critical function in Omron CS/CJ controllers. An attacker with network access to the affected PLC may use a network protoco...

8.6CVSS7.4AI score0.00536EPSS
Exploits0References9
CISA
CISA
added 2022/11/29 12:0 a.m.26 views

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven 7 Industrial Control Systems ICS advisories on November 29, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...

0.2AI score
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2022/07/26 10:15 p.m.11 views

CVE-2022-31207

The Omron SYSMAC Cx product family PLCs CS series, CJ series, and CP series through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS 9600/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication...

9.8CVSS7.6AI score0.00767EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/06/28 12:0 a.m.4 views

Omron SYSMAC CS/CJ/CP Series 和 NJ/NX Series 数据伪造问题漏洞

Omron SYSMAC CS/CJ/CP Series and Omron SYSMAC NJ/NX Series are products of Omron Corporation, Japan.Omron SYSMAC CS/CJ/CP Series is a series of programmable controllers.Omron SYSMAC NJ/NX Series is a series of machine automation controllers. Omron SYSMAC NJ/NX Series is a series of machine...

9.8CVSS9AI score0.00858EPSS
Exploits0References6
ICS
ICS
added 2022/06/28 12:0 a.m.90 views

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Omron Equipment: SYSMAC CS/CJ/CP Series and NJ/NX Series Vulnerabilities: Cleartext Transmission of Sensitive Information, Insufficient Verification of Data Authenticity, Plaintext Storage of a Password...

9.8CVSS9.8AI score0.00858EPSS
Exploits0References5
CISA
CISA
added 2022/06/22 12:0 a.m.25 views

CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report

CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography ...

1.7AI score
Exploits0References19
Positive Technologies
Positive Technologies
added 2022/06/22 12:0 a.m.6 views

PT-2022-3095 · Omron · Omron Cs Series +1

Name of the Vulnerable Software and Affected Versions: Omron CS series, CJ series, and CP series PLCs versions prior to 2022-05-18 Description: The issue is related to the storage of the password for access to the Web UI in memory area D1449...D1452, which can be read out using the Omron FINS...

7.8CVSS7.5AI score0.00543EPSS
Exploits0References8
Openbugbounty
Openbugbounty
added 2022/04/26 1:25 p.m.10 views

cj.tsukuba.ac.jp Cross Site Scripting vulnerability OBB-2559105

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Rows per page
Query Builder