126 matches found
CVE-2019-18259
In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands...
EUVD-2019-4988
Malware in sbrugna...
EUVD-2020-28126
Malware in sbrugna...
CVE-2020-6986
In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result...
CVE-2019-13533
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves...
CVE-2022-45794 Omron CJ-series and CS-series unauthenticated filesystem access.
An attacker with network access to the affected PLC CJ-series and CS-series PLCs, all versions may use a network protocol to read and write files on the PLC internal memory and memory card...
CVE-2022-31207
The Omron SYSMAC Cx product family PLCs CS series, CJ series, and CP series through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS 9600/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication...
CVE-2022-31205
In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449...D1452 and can be read out using the Omron FINS protocol without any further authentication...
Design/Logic Flaw
In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result...
CVE-2019-18259
In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands...
CVE-2019-13533
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves...
Design/Logic Flaw
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves...
Authentication flaw
In Omron PLC CS series, all versions, Omron PLC CJ series, all versions, and Omron PLC NJ series, all versions, the software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks...
Command injection
In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands...
CVE-2019-18261
In Omron PLC CS series, all versions, Omron PLC CJ series, all versions, and Omron PLC NJ series, all versions, the software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks...
CVE-2019-13533
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves...
CVE-2019-13533
CVE-2019-13533 affects Omron PLC CJ and CS series (all versions). The vulnerability allows an attacker to monitor PLC-controller traffic and replay requests, potentially opening/closing industrial valves (authentication bypass via capture-replay). Affected products are Omron CJ/CS series PLCs; mi...
CVE-2019-18259
In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands...
CVE-2019-18259
CVE-2019-18259 affects Omron PLC CJ series and CS series (all versions). The vulnerability enables an attacker to spoof arbitrary messages or execute commands against the PLC, i.e., an authentication bypass by spoofing. NVD reports CVSSv3.1 base score 9.8 (CRITICAL) with network access, no privil...
Omron PLC CJ/CS/NJ Series CVE-2019-18261 Authentication Bypass Vulnerability
Description Omron PLC CJ, CS and NJ Series are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and aid in brute-force attacks; other attacks may also be possible. The following products of Omron Programmable Logic...