PT-2015-3351 · Omron · Cx-One Cx-Programmer+2
Stephen Dunlap
·
Published
2015-10-01
·
Updated
2026-06-02
·
CVE-2015-0987
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H |
Name of the Vulnerable Software and Affected Versions
Omron CX-One CX-Programmer versions prior to 9.6
Omron CJ2M PLC devices versions prior to 2.1
Omron CJ2H PLC devices versions prior to 1.5
Description
The issue is related to the transmission of passwords in cleartext, which can be exploited by a remote attacker to obtain sensitive information by sniffing the network traffic during the authentication process. This can allow an attacker to intercept passwords, potentially leading to unauthorized access.
Recommendations
For Omron CX-One CX-Programmer versions prior to 9.6, update to version 9.6 or later to resolve the issue.
For Omron CJ2M PLC devices versions prior to 2.1, update to version 2.1 or later to resolve the issue.
For Omron CJ2H PLC devices versions prior to 1.5, update to version 1.5 or later to resolve the issue.
Fix
Information Disclosure
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cj2H Plc
Cj2M Plc
Cx-One Cx-Programmer