#VU23585 Authentication Bypass by Capture-replay


Published: 2019-12-13

Vulnerability identifier: #VU23585

Vulnerability risk: High

CVSSv3.1:

CVE-ID: CVE-2019-13533

CWE-ID: CWE-294

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Omron PLC CS series
Hardware solutions / Other hardware appliances
Omron PLC CJ series
Hardware solutions / Other hardware appliances

Vendor: Omron

Description

The vulnerability allows a remote attacker to bypass authentication on the target system.

The vulnerability exists in the FINS communication protocol due to the FINS communication packet between a controller and a PLC may be monitored and it may invite replay attack using commands for the PLC. A remote attacker can cause opening and closing of industrial valves.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Omron PLC CS series: All versions

Omron PLC CJ series: All versions


CPE

External links
http://www.omron-cxone.com/security/2019-12-06_PLC_EN.pdf


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability