CVE-2019-18259
published 2019-12-16CVE-2019-18259: In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands.
PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.11%
79.5th percentile
In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands.
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for unauthenticated or spoofed FINS protocol messages targeting Omron PLC CJ/CS series devices, which could indicate exploitation of CVE-2019-18259 (Authentication Bypass by Spoofing). ↗
- →Detect replay attacks on FINS traffic between PLCs and controllers; look for duplicate or out-of-sequence FINS requests that result in repeated open/close commands to industrial valves. ↗
- ·No known public exploits specifically target these vulnerabilities at time of advisory publication. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jwh5-53wq-83vf: In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands
ghsa_unreviewed·2022-05-24
CVE-2019-18259 [HIGH] GHSA-jwh5-53wq-83vf: In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands
In Omron PLC CJ series, all versions and Omron PLC CS series, all versions, an attacker could spoof arbitrary messages or execute commands.
CISA ICS
Omron PLC CJ and CS Series (Update B)
cisa_ics·2022-11-29·CVSS 8.1
[HIGH] Omron PLC CJ and CS Series (Update B)
ICS Advisory
##
Omron PLC CJ and CS Series (Update B)
Last RevisedApril 18, 2023
Alert CodeICSA-19-346-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.6
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Omron
- Equipment: PLC CJ and CS Series
- Vulnerabilities: Authentication Bypass by Spoofing, Authentication Bypass by Capture-replay, Unrestricted Externally Accessible Lock
## 2. UPDATE
This updated advisory is a follow-up to the original advisory titled ICSA-19-346-02 Omron PLC CJ and CS Series (Update A) published November 29, 2022, on the ICS webpage at cisa.gov.
## 3. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to pose as an authorized user to obtain the status information of the PLC.
## 4. TE
No detection rules found.
No public exploits indexed.
2019-12-16
Published