RSS   Vulnerabilities for 'Plc cs firmware'   RSS

2019-12-16
 
CVE-2019-18269

NVD-CWE-Other
 

 
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, the software properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control.

 
 
CVE-2019-18261

CWE-307
 

 
In Omron PLC CS series, all versions, Omron PLC CJ series, all versions, and Omron PLC NJ series, all versions, the software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks.

 
 
CVE-2019-18259

CWE-290
 

 
In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands.

 
 
CVE-2019-13533

CWE-294
 

 
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves.

 

 >>> Vendor: Omron 25 Products
Worldview
Openwnn
Ns10 hmi terminal
Ns12 hmi terminal
Ns15 hmi terminal
Ns5 hmi terminal
Ns8 hmi terminal
Ns series system program firmware
Cx-programmer
Cj2h plc
Cj2m plc
Cx-supervisor
Cx-flnet
Cx-one
Cx-protocol
Cx-server
Network configurator
Switch box utility
Poweract pro master agent
Common components
Network configurator for devicenet safety
Plc cj firmware
Plc cs firmware
Plc nj firmware
Cx-position


Copyright 2024, cxsecurity.com

 

Back to Top