Description
The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
- Attack Vector
- network
- Complexity
- low
- Privileges
- none
- User Action
- none
- Scope
- changed
- Confidentiality
- none
- Integrity
- high
- Availability
- none
- Weaknesses
- CWE-307CWE-307
Metadata
- Primary Vendor
- OMRON
- Published
- 1/22/2024
- Last Modified
- 11/21/2024
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
omron : cj1g-cpu45p_firmwareomron : cj1g-cpu45p-gtc_firmwareomron : cj1g-cpu44p_firmwareomron : cj1g-cpu43p_firmwareomron : cj1g-cpu42p_firmwareomron : cp1e-e_firmwareomron : cp1e-n_firmwareomron : cj2h-cpu68_firmwareomron : cj2h-cpu67_firmwareomron : cj2h-cpu66_firmwareomron : cj2h-cpu65_firmwareomron : cj2h-cpu64_firmwareomron : cj2h-cpu68-eip_firmwareomron : cj2h-cpu67-eip_firmwareomron : cj2h-cpu66-eip_firmwareomron : cj2h-cpu65-eip_firmwareomron : cj2h-cpu64-eip_firmwareomron : cj2m-cpu35_firmwareomron : cj2m-cpu34_firmwareomron : cj2m-cpu33_firmwareomron : cj2m-cpu32_firmwareomron : cj2m-cpu31_firmwareomron : cj2m-cpu15_firmwareomron : cj2m-cpu14_firmwareomron : cj2m-cpu13_firmwareomron : cj2m-cpu12_firmwareomron : cj2m-cpu11_firmwareomron : cj2m-md211_firmwareomron : cj2m-md212_firmwareomron : cs1d-cpu67s_firmwareomron : cs1d-cpu65s_firmwareomron : cs1d-cpu44s_firmwareomron : cs1d-cpu42s_firmwareomron : cs1d-cpu65p_firmwareomron : cs1d-cpu67p_firmwareomron : cs1d-cpu67h_firmwareomron : cs1d-cpu65h_firmwareomron : cs1h-cpu67h_firmwareomron : cs1h-cpu66h_firmwareomron : cs1h-cpu65h_firmwareomron : cs1h-cpu64h_firmwareomron : cs1h-cpu63h_firmwareomron : cs1g-cpu45h_firmwareomron : cs1g-cpu44h_firmwareomron : cs1g-cpu43h_firmwareomron : cs1g-cpu42h_firmware
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.