CVE-2023-0811

Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII password (non-keyboard characters) and preventing an engineer from viewing or modifying the user program.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
icscertCNA
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
omronsysmac_cj2h-cpu64_firmware
-
omronsysmac_cj2h-cpu64-eip_firmware
-
omronsysmac_cj2h-cpu65_firmware
-
omronsysmac_cj2h-cpu65-eip_firmware
-
omronsysmac_cj2h-cpu66_firmware
-
omronsysmac_cj2h-cpu66-eip_firmware
-
omronsysmac_cj2h-cpu67_firmware
-
omronsysmac_cj2h-cpu67-eip_firmware
-
omronsysmac_cj2h-cpu68_firmware
-
omronsysmac_cj2h-cpu68-eip_firmware
-
omronsysmac_cj2m-cpu11_firmware
-
omronsysmac_cj2m-cpu12_firmware
-
omronsysmac_cj2m-cpu13_firmware
-
omronsysmac_cj2m-cpu14_firmware
-
omronsysmac_cj2m-cpu15_firmware
-
omronsysmac_cj2m-cpu31_firmware
-
omronsysmac_cj2m-cpu32_firmware
-
omronsysmac_cj2m-cpu33_firmware
-
omronsysmac_cj2m-cpu34_firmware
-
omronsysmac_cj2m-cpu35_firmware
-
omronsysmac_cp1e-e10dr-a_firmware
-
omronsysmac_cp1e-e10dr-d_firmware
-
omronsysmac_cp1e-e10dt-a_firmware
-
omronsysmac_cp1e-e10dt-d_firmware
-
omronsysmac_cp1e-e10dt1-a_firmware
-
omronsysmac_cp1e-e10dt1-d_firmware
-
omronsysmac_cp1e-e14dr-a_firmware
-
omronsysmac_cp1e-e14sdr-a_firmware
-
omronsysmac_cp1e-e20dr-a_firmware
-
omronsysmac_cp1e-e20sdr-a_firmware
-
omronsysmac_cp1e-e30dr-a_firmware
-
omronsysmac_cp1e-e30sdr-a_firmware
-
omronsysmac_cp1e-e40dr-a_firmware
-
omronsysmac_cp1e-e40sdr-a_firmware
-
omronsysmac_cp1e-e60sdr-a_firmware
-
omronsysmac_cp1e-na20dr-a_firmware
-
omronsysmac_cp1e-na20dt-d_firmware
-
omronsysmac_cp1e-na20dt1-d_firmware
-
omronsysmac_cp1h-x40dr-a_firmware
-
omronsysmac_cp1h-x40dt-d_firmware
-
omronsysmac_cp1h-x40dt1-d_firmware
-
omronsysmac_cp1h-xa40dr-a_firmware
-
omronsysmac_cp1h-xa40dt-d_firmware
-
omronsysmac_cp1h-xa40dt1-d_firmware
-
omronsysmac_cp1h-y20dt-d_firmware
-
omronsysmac_cp1l-el20dr-d_firmware
-
omronsysmac_cp1l-em30dr-d_firmware
-
omronsysmac_cp1l-em30dt-d_firmware
-
omronsysmac_cp1l-em30dt1-d_firmware
-
omronsysmac_cp1l-em40dr-d_firmware
-
omronsysmac_cp1l-em40dt-d_firmware
-
omronsysmac_cp1l-em40dt1-d_firmware
-
omronsysmac_cp1l-l10dr-a_firmware
-
omronsysmac_cp1l-l10dr-d_firmware
-
omronsysmac_cp1l-l10dt-a_firmware
-
omronsysmac_cp1l-l10dt-d_firmware
-
omronsysmac_cp1l-l10dt1-d_firmware
-
omronsysmac_cp1l-l14dr-a_firmware
-
omronsysmac_cp1l-l14dr-d_firmware
-
omronsysmac_cp1l-l14dt-a_firmware
-
omronsysmac_cp1l-l14dt-d_firmware
-
omronsysmac_cp1l-l14dt1-d_firmware
-
omronsysmac_cp1l-l20dr-a_firmware
-
omronsysmac_cp1l-l20dr-d_firmware
-
omronsysmac_cp1l-l20dt-a_firmware
-
omronsysmac_cp1l-l20dt-d_firmware
-
omronsysmac_cp1l-l20dt1-d_firmware
-
omronsysmac_cp1l-m30dr-a_firmware
-
omronsysmac_cp1l-m30dr-d_firmware
-
omronsysmac_cp1l-m30dt-a_firmware
-
omronsysmac_cp1l-m30dt-d_firmware
-
omronsysmac_cp1l-m30dt1-d_firmware
-
omronsysmac_cp1l-m40dr-a_firmware
-
omronsysmac_cp1l-m40dr-d_firmware
-
omronsysmac_cp1l-m40dt-a_firmware
-
omronsysmac_cp1l-m40dt-d_firmware
-
omronsysmac_cp1l-m40dt1-d_firmware
-
omronsysmac_cp1l-m60dr-a_firmware
-
omronsysmac_cp1l-m60dr-d_firmware
-
omronsysmac_cp1l-m60dt-a_firmware
-
omronsysmac_cp1l-m60dt-d_firmware
-
omronsysmac_cp1l-m60dt1-d_firmware
-
omronsysmac_cp2e-e14dr-a_firmware
-
omronsysmac_cp2e-e20dr-a_firmware
-
omronsysmac_cp2e-e30dr-a_firmware
-
omronsysmac_cp2e-e40dr-a_firmware
-
omronsysmac_cp2e-e60dr-a_firmware
-
omronsysmac_cp2e-n14dr-a_firmware
-
omronsysmac_cp2e-n14dr-d_firmware
-
omronsysmac_cp2e-n14dt-a_firmware
-
omronsysmac_cp2e-n14dt-d_firmware
-
omronsysmac_cp2e-n14dt1-d_firmware
-
omronsysmac_cp2e-n20dr-a_firmware
-
omronsysmac_cp2e-n20dr-d_firmware
-
omronsysmac_cp2e-n20dt-a_firmware
-
omronsysmac_cp2e-n20dt-d_firmware
-
omronsysmac_cp2e-n20dt1-d_firmware
-
omronsysmac_cp2e-n30dr-a_firmware
-
omronsysmac_cp2e-n30dr-d_firmware
-
omronsysmac_cp2e-n30dt-a_firmware
-
omronsysmac_cp2e-n30dt-d_firmware
-
omronsysmac_cp2e-n30dt1-d_firmware
-
omronsysmac_cp2e-n40dr-a_firmware
-
omronsysmac_cp2e-n40dr-d_firmware
-
omronsysmac_cp2e-n40dt-a_firmware
-
omronsysmac_cp2e-n40dt-d_firmware
-
omronsysmac_cp2e-n40dt1-d_firmware
-
omronsysmac_cp2e-n60dr-a_firmware
-
omronsysmac_cp2e-n60dr-d_firmware
-
omronsysmac_cp2e-n60dt-a_firmware
-
omronsysmac_cp2e-n60dt-d_firmware
-
omronsysmac_cp2e-n60dt1-d_firmware
-
omronsysmac_cp2e-s30dr-a_firmware
-
omronsysmac_cp2e-s30dt-d_firmware
-
omronsysmac_cp2e-s30dt1-d_firmware
-
omronsysmac_cp2e-s40dr-a_firmware
-
omronsysmac_cp2e-s40dt-d_firmware
-
omronsysmac_cp2e-s40dt1-d_firmware
-
omronsysmac_cp2e-s60dr-a_firmware
-
omronsysmac_cp2e-s60dt-d_firmware
-
omronsysmac_cp2e-s60dt1-d_firmware
-
omronsysmac_cs1w-drm21-v1_firmware
-
omronsysmac_cs1w-eip21_firmware
-
omronsysmac_cs1w-etn21_firmware
-
omronsysmac_cs1w-fln22_firmware
-
omronsysmac_cs1w-nc\[\]71_firmware
-
omronsysmac_cs1w-spu01-v2_firmware
-
omronsysmac_cs1w-spu02-v2_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-advisories/icsa-23-073-01
https://www.ia.omron.com/product/vulnerability/OMSR-2023-001_en.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-23-073-01
https://www.ia.omron.com/product/vulnerability/OMSR-2023-001_en.pdf