{ "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Omron PLC CJ Series", "vendor": "Omron", "versions": [ { "status": "affected", "version": "all versions" } ] }, { "defaultStatus": "unaffected", "product": "Omron PLC CS series", "vendor": "Omron", "versions": [ { "status": "affected", "version": "all versions" } ] }, { "defaultStatus": "unaffected", "product": "Omron PLC NX1P2 series", "vendor": "Omron", "versions": [ { "status": "affected", "version": "all versions" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Jipeng You (XDU) and n0b0dy reported these vulnerabilities to CISA." } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability. " } ], "value": "Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-412", "description": "CWE-412 Unrestricted Externally Accessible Lock", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-04-27T22:40:45.810Z" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.us-cert.gov/ics/advisories/icsa-19-346-02" }, { "url": "https://www.omron-cxone.com/security/2019-12-06_PLC_EN.pdf" } ], "source": { "discovery": "EXTERNAL" }, "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "
Omron recommends the following mitigation measures:
For more information provided by Omron on these vulnerabilities refer to Vulnerabilities in Omron CS and CJ series CPU PLCs.
\n\n