Unrestricted Externally Accessible Lock Vulnerability in Omron PLCs
CVE-2019-18269

9.8CRITICAL

Key Information:

Vendor: Omron
Status: Omron Plc Cj Series; Omron Plc Cs Series; Omron Plc Nx1p2 Series
Vendor: CVE Published:; 16 December 2019

What is CVE-2019-18269?

Omron's CS and CJ series PLCs exhibit a vulnerability that allows unauthorized external access to their locking mechanisms. This lack of access control could enable attackers to manipulate system settings, posing significant risks to the integrity and availability of industrial operations. Organizations using these PLCs should ensure they have adequate security measures to prevent potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Omron PLC CJ Series all versions

Omron PLC CS series all versions

Omron PLC NX1P2 series all versions

References

https://www.us-cert.gov/ics/advisories/icsa-19-346-02

x_refsource_MISC

https://www.omron-cxone.com/security/2019-12-06_PLC_EN.pdf

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 16, 2019
Vulnerability Reserved
Oct 22, 2019

Credit

Jipeng You (XDU) and n0b0dy reported these vulnerabilities to CISA.

JSON

Omron

What is CVE-2019-18269?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.