← volver
CVE-2023-0811

CVE-2023-0811

CVSS 9.1 CRITICALEPSS 0.6%CWE-284
Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII password (non-keyboard characters) and preventing an engineer from viewing or modifying the user program.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Productos afectados
Omron · CJ1M SYSMAC CJ-seriesOmron · CJ1M SYSMAC CP-seriesOmron · CJ1M SYSMAC CS-series

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.cisa.gov/news-events/ics-advisories/icsa-23-073-01https://www.ia.omron.com/product/vulnerability/OMSR-2023-001_en.pdf