Omron FINS memory protection susceptible to bruteforce
CVE-2022-45790

8.6HIGH

Key Information:

Vendor: Omron
Status: Cj-series And Cs-series Cpu Modules
Vendor: CVE Published:; 22 January 2024

What is CVE-2022-45790?

The Omron FINS protocol features an authentication mechanism designed to secure access to critical memory regions. However, this authentication can be compromised through brute force attacks, enabling unauthorized users to access protected memory. Gaining access to these memory areas poses a significant risk as it allows adversaries to potentially overwrite important values, jeopardizing the integrity of programmed logic and overall automation system functionality.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

CJ-series and CS-series CPU modules CJ2H 0.0 < 1.5

CJ-series and CS-series CPU modules CJ2M 0.0 < 2.1

CJ-series and CS-series CPU modules CJ1G 0.0 < 4.1

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-2...

https://www.fa.omron.co.jp/product/security/assets/pdf/en...

https://www.dragos.com/advisory/omron-plc-and-engineering...

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jan 22, 2024
Vulnerability Reserved
Nov 22, 2022

JSON

Omron

What is CVE-2022-45790?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.