3 matches found
Omron CX-One CX-Programmer, CJ2M and CJ2H PLCs Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-0987)
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request. This plugin only works with Tenable.ot...
CVE-2015-0987
CVE-2015-0987 affects Omron CX-One CX-Programmer (pre-9.6) and CJ2M/CJ2H PLCs (pre-2.1/1.5). The underlying issue is cleartext transmission of passwords to unlock PLCs, enabling an attacker who can sniff network traffic to obtain sensitive information. The NVD/NIST entry, ICS-CERT advisory, and N...
Omron Multiple Product Vulnerabilities
OVERVIEW Air Force Institute of Technology researcher Stephen Dunlap has identified vulnerabilities in Omron Corporation’s CX-Programmer software, CJ2M series programmable logic controller PLC, and CJ2H series PLC. Omron Corporation has produced new versions that mitigate these vulnerabilities. O...