CVE-2022-31205
EUVD-2022-5278926.07.2022, 22:15
In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449...D1452 and can be read out using the Omron FINS protocol without any further authentication.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| omron | sysmac_cs1_firmware | 𝑥 < 4.1 |
| omron | sysmac_cj2m_firmware | 𝑥 < 2.1 |
| omron | sysmac_cj2h_firmware | 𝑥 < 1.5 |
| omron | sysmac_cp1e_firmware | 𝑥 < 1.30 |
| omron | sysmac_cp1h_firmware | 𝑥 < 1.30 |
| omron | sysmac_cp1l_firmware | 𝑥 < 1.10 |
| omron | cp1w-cif41_firmware | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration