GCVE - cpe:2.3:h:omron:cj2m-cpu13:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:omron:cj2m-cpu13:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Omron (`675649e9-6a71-548a-9a9b-e097b9db785b`)
Product	Cj2M Cpu13 (`4a0680ca-0450-5cfe-bb5e-db888de7bc40`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-27396`	not_vulnerable	2026-06-08 05:57:41.168237	Details available FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues -- (1)Plaintext communication, and (2)No authentication required. When FINS messages are intercepted, the contents may be retrieved. When arbitrary FINS messages are injected, any commands may be executed on, or the system information may be retrieved from, the affected device. Affected products and versions are as follows: SYSMAC CS-series CPU Units, all versions, SYSMAC CJ-series CPU Units, all versions, SYSMAC CP-series CPU Units, all versions, SYSMAC NJ-series CPU Units, all versions, SYSMAC NX1P-series CPU Units, all versions, SYSMAC NX102-series CPU Units, all versions, and SYSMAC NX7 Database Connection CPU Units (Ver.1.16 or later) Published: 2023-06-19T00:00:00.000Z Updated: 2024-12-24T16:45:20.428Z Open on db.gcve.eu Reference links https://www.us-cert.gov/ics/advisories/icsa-19-346-02 https://www.ia.omron.com/product/vulnerability/OMSR-2023-003_en.pdf https://www.fa.omron.co.jp/product/vulnerability/OMSR-2023-003_ja.pdf https://jvn.jp/en/ta/JVNTA91513661/ https://jvn.jp/ta/JVNTA91513661/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-45790`	not_vulnerable	2026-06-08 05:50:36.876930	Omron FINS memory protection susceptible to bruteforce HIGH (8.6) The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic. Published: 2024-01-22T17:22:14.476Z Updated: 2024-11-13T16:53:38.204Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05 https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.