1 results (0.027 seconds)

CVSS: 9.1EPSS: 0%CPEs: 256EXPL: 0

Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII password (non-keyboard characters) and preventing an engineer from viewing or modifying the user program. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-073-01 https://www.ia.omron.com/product/vulnerability/OMSR-2023-001_en.pdf • CWE-284: Improper Access Control •