Description
In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449...D1452 and can be read out using the Omron FINS protocol without any further authentication.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://www.forescout.com/blog/
Third Party Advisory, US Government Resource x_refsource_misc
https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-02
Scores
CVSS v3
7.5
EPSS
0.0051
EPSS Percentile
39.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-312
Status
published
Products (7)
omron/cp1w-cif41_firmware
omron/sysmac_cj2h_firmware
< 1.5
omron/sysmac_cj2m_firmware
< 2.1
omron/sysmac_cp1e_firmware
< 1.30
omron/sysmac_cp1h_firmware
< 1.30
omron/sysmac_cp1l_firmware
< 1.10
omron/sysmac_cs1_firmware
< 4.1
Published
Jul 26, 2022
Tracked Since
Feb 18, 2026