Vulnerability identifier: #VU23585

Vulnerability risk: High

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2019-13533

CWE-ID: CWE-294

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Omron PLC CS series
Hardware solutions / Other hardware appliances
Omron PLC CJ series
Hardware solutions / Other hardware appliances

Vendor: Omron

Description

The vulnerability allows a remote attacker to bypass authentication on the target system.

The vulnerability exists in the FINS communication protocol due to the FINS communication packet between a controller and a PLC may be monitored and it may invite replay attack using commands for the PLC. A remote attacker can cause opening and closing of industrial valves.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Omron PLC CS series: All versions

Omron PLC CJ series: All versions

---

External links
http://www.omron-cxone.com/security/2019-12-06_PLC_EN.pdf

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.