Skip to main content

Sysmac Cj2H Cpu64 Firmware CVE-2023-0811

CRITICAL
Improper Access Control (CWE-284)
2023-03-16 ics-cert@hq.dhs.gov
Authentication Bypass Sysmac Cj2H Cpu64 Firmware Sysmac Cj2H Cpu64 Eip Firmware Sysmac Cj2H Cpu65 Firmware Sysmac Cj2H Cpu65 Eip Firmware Sysmac Cj2H Cpu66 Firmware Sysmac Cj2H Cpu66 Eip Firmware Sysmac Cj2H Cpu67 Firmware Sysmac Cj2H Cpu67 Eip Firmware Sysmac Cj2H Cpu68 Firmware Sysmac Cj2H Cpu68 Eip Firmware Sysmac Cj2M Cpu11 Firmware Sysmac Cj2M Cpu12 Firmware Sysmac Cj2M Cpu13 Firmware Sysmac Cj2M Cpu14 Firmware Sysmac Cj2M Cpu15 Firmware Sysmac Cj2M Cpu31 Firmware Sysmac Cj2M Cpu32 Firmware Sysmac Cj2M Cpu33 Firmware Sysmac Cj2M Cpu34 Firmware Sysmac Cj2M Cpu35 Firmware Sysmac Cp1E E10Dr A Firmware Sysmac Cp1E E10Dr D Firmware Sysmac Cp1E E10Dt A Firmware Sysmac Cp1E E10Dt D Firmware Sysmac Cp1E E10Dt1 A Firmware Sysmac Cp1E E10Dt1 D Firmware Sysmac Cp1E E14Dr A Firmware Sysmac Cp1E E14Sdr A Firmware Sysmac Cp1E E20Dr A Firmware Sysmac Cp1E E20Sdr A Firmware Sysmac Cp1E E30Dr A Firmware Sysmac Cp1E E30Sdr A Firmware Sysmac Cp1E E40Dr A Firmware Sysmac Cp1E E40Sdr A Firmware Sysmac Cp1E E60Sdr A Firmware Sysmac Cp1E Na20Dr A Firmware Sysmac Cp1E Na20Dt D Firmware Sysmac Cp1E Na20Dt1 D Firmware Sysmac Cp1H X40Dr A Firmware Sysmac Cp1H X40Dt D Firmware Sysmac Cp1H X40Dt1 D Firmware Sysmac Cp1H Xa40Dr A Firmware Sysmac Cp1H Xa40Dt D Firmware Sysmac Cp1H Xa40Dt1 D Firmware Sysmac Cp1H Y20Dt D Firmware Sysmac Cp1L El20Dr D Firmware Sysmac Cp1L Em30Dr D Firmware Sysmac Cp1L Em30Dt D Firmware Sysmac Cp1L Em30Dt1 D Firmware Sysmac Cp1L Em40Dr D Firmware Sysmac Cp1L Em40Dt D Firmware Sysmac Cp1L Em40Dt1 D Firmware Sysmac Cp1L L10Dr A Firmware Sysmac Cp1L L10Dr D Firmware Sysmac Cp1L L10Dt A Firmware Sysmac Cp1L L10Dt D Firmware Sysmac Cp1L L10Dt1 D Firmware Sysmac Cp1L L14Dr A Firmware Sysmac Cp1L L14Dr D Firmware Sysmac Cp1L L14Dt A Firmware Sysmac Cp1L L14Dt D Firmware Sysmac Cp1L L14Dt1 D Firmware Sysmac Cp1L L20Dr A Firmware Sysmac Cp1L L20Dr D Firmware Sysmac Cp1L L20Dt A Firmware Sysmac Cp1L L20Dt D Firmware Sysmac Cp1L L20Dt1 D Firmware Sysmac Cp1L M30Dr A Firmware Sysmac Cp1L M30Dr D Firmware Sysmac Cp1L M30Dt A Firmware Sysmac Cp1L M30Dt D Firmware Sysmac Cp1L M30Dt1 D Firmware Sysmac Cp1L M40Dr A Firmware Sysmac Cp1L M40Dr D Firmware Sysmac Cp1L M40Dt A Firmware Sysmac Cp1L M40Dt D Firmware Sysmac Cp1L M40Dt1 D Firmware Sysmac Cp1L M60Dr A Firmware Sysmac Cp1L M60Dr D Firmware Sysmac Cp1L M60Dt A Firmware Sysmac Cp1L M60Dt D Firmware Sysmac Cp1L M60Dt1 D Firmware Sysmac Cp2E E14Dr A Firmware Sysmac Cp2E E20Dr A Firmware Sysmac Cp2E E30Dr A Firmware Sysmac Cp2E E40Dr A Firmware Sysmac Cp2E E60Dr A Firmware Sysmac Cp2E N14Dr A Firmware Sysmac Cp2E N14Dr D Firmware Sysmac Cp2E N14Dt A Firmware Sysmac Cp2E N14Dt D Firmware Sysmac Cp2E N14Dt1 D Firmware Sysmac Cp2E N20Dr A Firmware Sysmac Cp2E N20Dr D Firmware Sysmac Cp2E N20Dt A Firmware Sysmac Cp2E N20Dt D Firmware Sysmac Cp2E N20Dt1 D Firmware Sysmac Cp2E N30Dr A Firmware Sysmac Cp2E N30Dr D Firmware Sysmac Cp2E N30Dt A Firmware Sysmac Cp2E N30Dt D Firmware Sysmac Cp2E N30Dt1 D Firmware Sysmac Cp2E N40Dr A Firmware Sysmac Cp2E N40Dr D Firmware Sysmac Cp2E N40Dt A Firmware Sysmac Cp2E N40Dt D Firmware Sysmac Cp2E N40Dt1 D Firmware Sysmac Cp2E N60Dr A Firmware Sysmac Cp2E N60Dr D Firmware Sysmac Cp2E N60Dt A Firmware Sysmac Cp2E N60Dt D Firmware Sysmac Cp2E N60Dt1 D Firmware Sysmac Cp2E S30Dr A Firmware Sysmac Cp2E S30Dt D Firmware Sysmac Cp2E S30Dt1 D Firmware Sysmac Cp2E S40Dr A Firmware Sysmac Cp2E S40Dt D Firmware Sysmac Cp2E S40Dt1 D Firmware Sysmac Cp2E S60Dr A Firmware Sysmac Cp2E S60Dt D Firmware Sysmac Cp2E S60Dt1 D Firmware Sysmac Cs1W Drm21 V1 Firmware Sysmac Cs1W Eip21 Firmware Sysmac Cs1W Etn21 Firmware Sysmac Cs1W Fln22 Firmware Sysmac Cs1W Nc 71 Firmware Sysmac Cs1W Spu01 V2 Firmware Sysmac Cs1W Spu02 V2 Firmware
9.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.1 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 16, 2023 - 18:15 nvd
CRITICAL 9.1

DescriptionNVD

Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII password (non-keyboard characters) and preventing an engineer from viewing or modifying the user program.

AnalysisAI

Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-284. Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII password (non-keyboard characters) and preventing an engineer from viewing or modifying the user program. Affected products include: Omron Sysmac Cj2H-Cpu64 Firmware, Omron Sysmac Cj2H-Cpu64-Eip Firmware, Omron Sysmac Cj2H-Cpu65 Firmware, Omron Sysmac Cj2H-Cpu65-Eip Firmware, Omron Sysmac Cj2H-Cpu66 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2023-0811 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy