ICSA-23-108-01  ·  Published 2023-04-20

Omron CS/CJ Series

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to access sensitive information in the file system and memory.

CVEs (1)

Remediations

OMRON recommends users take the following mitigation measures to minimize the risk of exploitation of this vulnerability:

  • Enable the FINS write protection function.
  • Minimize connection of control systems and equipment to open networks, so that untrusted devices cannot access them.
  • Implement firewalls:
      • Shut down unused communications ports.
      • Limit communications hosts.
      • Limit access to FINS port (9600).
  • Isolate control systems and equipment from the IT network.
  • Use a virtual private network (VPN) for remote access to control systems and equipment.
  • Use strong passwords and change them frequently.
  • Install physical controls, only permitting authorized personnel access to control systems and equipment.
  • Use malware scanning tools to ensure safety of any USB drives or other portable devices before connecting them to control systems and devices.
  • Enforce multifactor authentication on all devices with remote access to control systems and equipment when possible.
  • Protect hosts with access to the control system against malware, and ensure installation and maintenance of up-to-date antivirus software on hosts with access to control systems.
  • Perform validation processing, such as backup and range checks, to cope with unintentional modification of input/output data to control systems and devices.
  • Perform periodic data backups and maintenance to prepare for data loss.
  • For more information, see Omron’s Advisory.
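To check that the "limit communications hosts" and "limit access to FINS port (9600)" measures hold in practice, captured traffic can be reviewed for FINS/UDP frames from hosts outside the allowlist. The following is an added example, not code from Omron or CISA; the allowlisted address, the flow tuples and the sample frames are constructed, and it covers FINS/UDP only (FINS/TCP adds its own framing).

```python
import ipaddress

FINS_PORT = 9600
# Assumed site policy (constructed address): the only host allowed to reach the PLC.
ALLOWED_HOSTS = {ipaddress.ip_address("10.20.0.5")}

# FINS command codes (MRC, SRC) that touch memory or the file system.
SENSITIVE = {
    (0x01, 0x01): "memory area read",
    (0x01, 0x02): "memory area write",
    (0x22, 0x02): "single file read",
    (0x22, 0x03): "single file write",
}

def classify_fins_udp(payload: bytes) -> str:
    """Describe a FINS/UDP payload: 10-byte header, then MRC and SRC."""
    if len(payload) < 12:
        return "truncated or non-FINS data"
    if payload[0] & 0x40:  # ICF bit 6 set means response, clear means command
        return "FINS response"
    mrc, src = payload[10], payload[11]
    return SENSITIVE.get((mrc, src), f"FINS command {mrc:02X}{src:02X}")

def review(flows):
    """Return (source, description) for port-9600 traffic from unlisted hosts."""
    findings = []
    for source, dport, payload in flows:
        if dport != FINS_PORT:
            continue
        if ipaddress.ip_address(source) in ALLOWED_HOSTS:
            continue
        findings.append((source, classify_fins_udp(payload)))
    return findings

# Constructed sample frames: FINS header, command code, parameters.
READ_DM = bytes.fromhex("80000200010000050001" "0101" "820064000001")
FILE_READ = bytes.fromhex("80000200010000050002" "2202" "8000")
SAMPLE_FLOWS = [  # (source IP, destination port, UDP payload), all constructed
    ("10.20.0.5", 9600, READ_DM),      # allowlisted engineering station
    ("10.20.0.77", 9600, READ_DM),     # unlisted host reading memory
    ("10.20.0.77", 9600, FILE_READ),   # unlisted host reading a file
    ("192.0.2.9", 9600, b"\x00\x01"),  # junk on the FINS port
    ("10.20.0.77", 443, b""),          # not the FINS port, ignored
]

if __name__ == "__main__":
    for source, what in review(SAMPLE_FLOWS):
        print(f"ALERT {source} -> udp/{FINS_PORT}: {what}")
```

Any finding means a firewall rule or host allowlist is not doing what the mitigation list asks for.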

Affected Vendors

Omron

Affected Products (11)

Omron · SYSMAC CJ2H-CPU6[]-EIP vers:all/*
Omron · SYSMAC CJ2H-CPU6[] vers:all/*
Omron · SYSMAC CJ2M-CPU[][] vers:all/*
Omron · SYSMAC CJ1G-CPU[][]P vers:all/*
Omron · SYSMAC CS1H-CPU[][]H vers:all/*
Omron · SYSMAC CS1G-CPU[][]H vers:all/*
Omron · SYSMAC CS1D-CPU[][]HA vers:all/*
Omron · SYSMAC CS1D-CPU[][]H vers:all/*
Omron · SYSMAC CS1D-CPU[][]SA vers:all/*
Omron · SYSMAC CS1D-CPU[][]S vers:all/*
Omron · SYSMAC CS1D-CPU[][]P vers:all/*

Affected Sectors

Critical Manufacturing
