cbcvebase.

Omron Sysmac Cj2H Firmware vulnerabilities

3 known vulnerabilities affecting omron/sysmac_cj2h_firmware.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2

Vulnerabilities

Page 1 of 1
CVE-2022-31207P2CRITICALCVSS 9.8fixed in 1.52022-07-26
CVE-2022-31207 [CRITICAL] CWE-347 CVE-2022-31207: The Omron SYSMAC Cx product family PLCs (CS series, CJ series, and CP series) through 2022-05-18 lac The Omron SYSMAC Cx product family PLCs (CS series, CJ series, and CP series) through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS (9600/TCP) protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication flaws as reported in FSCT-2022-0057. Control logi
nvd
CVE-2022-31205P3HIGHCVSS 7.5fixed in 1.52022-07-26
CVE-2022-31205 [HIGH] CWE-312 CVE-2022-31205: In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449...D1452 and can be read out using the Omron FINS protocol without any further authentication.
nvd
CVE-2022-31204P3HIGHCVSS 7.5fixed in 1.52022-07-26
CVE-2022-31204 [HIGH] CWE-319 CVE-2022-31204: Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. They feat Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. They feature a UM Protection setting that allows users or system integrators to configure a password in order to restrict sensitive engineering operations (such as project/logic uploads and downloads). This password is set using the OMRON FINS command Program Ar
nvd
Omron Sysmac Cj2H Firmware vulnerabilities | cvebase