CRITICAL🇵🇱 Wersja polska

CVE-2015-0987

CVSS 10.0v2.0pub. 2015-10-06upd. 2026-06-02

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H
  • Omron Cj2h Plc

    HW
    Omron
    ≤ 1.4
  • Omron Cj2m Plc

    HW
    Omron
    ≤ 2.0
  • Omron Cx Programmer

    APP
    Omron
    ≤ 9.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-38746HIGH7.8ten sam produkt

Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and e...

CVE-2023-22277HIGH7.8ten sam produkt

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially c...

CVE-2023-22314HIGH7.8ten sam produkt

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially c...

CVE-2023-22317HIGH7.8ten sam produkt

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially c...

CVE-2023-38747HIGH7.8ten sam produkt

Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and...