Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-0811 | 1 Omron | 256 Sysmac Cj2h-cpu64, Sysmac Cj2h-cpu64-eip, Sysmac Cj2h-cpu64-eip Firmware and 253 more | 2024-11-21 | N/A | 9.1 CRITICAL |
Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII password (non-keyboard characters) and preventing an engineer from viewing or modifying the user program. | |||||
CVE-2022-45794 | 1 Omron | 82 Sysmac Cj1g-cpu42p, Sysmac Cj1g-cpu42p Firmware, Sysmac Cj1g-cpu43p and 79 more | 2024-11-21 | N/A | 8.6 HIGH |
An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card. |