Vulnerability Details - CVSS v3: - 8.6 - Attention: - Exploitable remotely/low skill level to exploit - Vendor: - Omron - Equipment: - PLC CJ and CS Series - Vulnerabilities: - Authentication Bypass by Spoofing - Authentication Bypass by Capture-replay - Unrestricted Externally Accessible Lock Update: - Follow-up to original advisory titled ICSA-19-346-02 Omron PLC CJ and CS Series (Update A) published November 29, 2022. Risk Evaluation - Successful exploitation could allow an attacker to pose as an authorized user to obtain the status information of the PLC. Technical Details - Affected Products: - Omron PLC CJ series, all versions - Omron PLC CS series, all versions - Omron PLC NX1P2 series, all versions - Vulnerability Overview: - Authentication Bypass by Spoofing (CVE-2019-18259): - CVSS v3 base score: 5.6 - Authentication Bypass by Capture-Replay (CVE-2019-13533): - CVSS v3 base score: 8.1 - Unrestricted Externally Accessible Lock (CVE-2019-18269): - CVSS v3 base score: 8.6 Background - Critical Infrastructure Sectors: Critical Manufacturing - Deployed Worldwide - Vendor Headquarters: Japan Researcher: - Jipeng You (XDU) and n0b0dy reported these vulnerabilities to CISA. Mitigations: - Vendor recommendations: - Filter FINS port - Filter IP addresses - CISA recommendations: - Minimize network exposure - Use secure methods for remote access - Follow internal procedures for suspected malicious activity