Nj101 1000 Firmware
CVE-2024-33687
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the alteration.
AnalysisAI
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-345. Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the alteration. Affected products include: Omron Nj101-1000 Firmware, Omron Nj101-1020 Firmware, Omron Nj101-9000 Firmware, Omron Nj101-9020 Firmware, Omron Nj301-1100 Firmware.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Nj101 1000 Firmware
View allFINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA
The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryp
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earl
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.4
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.2
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today