CVE-2019-13533
HIGHOmron PLC CJ and CS Series - Authentication Bypass by Capture-replay
Title source: llmDescription
In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://www.us-cert.gov/ics/advisories/icsa-19-346-02
Scores
CVSS v3
8.1
EPSS
0.0097
EPSS Percentile
57.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-294
Status
published
Products (3)
None/Omron PLC CJ and CS Series
Omron PLC CJ series, all versions, Omron PLC CS series, all versions
omron/plc_cj_firmware
omron/plc_cs_firmware
Published
Dec 16, 2019
Tracked Since
Feb 18, 2026