PT-2023-21095 · Omron · Sysmac Cj-Series Cpu Units+4

Published 2023-04-17 · Updated 2024-12-24 · CVE-2023-27396

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

SYSMAC CS-series CPU Units, all versions
SYSMAC CJ-series CPU Units, all versions
SYSMAC CP-series CPU Units, all versions
SYSMAC NJ-series CPU Units, all versions
SYSMAC NX1P-series CPU Units, all versions
SYSMAC NX102-series CPU Units, all versions
SYSMAC NX7 Database Connection CPU Units, version 1.16 and later

Description

FINS (Factory Interface Network Service) is a message communication protocol used in closed FA (Factory Automation) networks composed of OMRON products. The protocol has two security issues: (1) plaintext communication and (2) no authentication required. When FINS messages are intercepted, the contents may be retrieved. When arbitrary FINS messages are injected, any commands may be executed on, or the system information may be retrieved from, the affected device.

Recommendations

For SYSMAC CS-series CPU Units, consider implementing encryption and authentication mechanisms to secure FINS communication.
For SYSMAC CJ-series CPU Units, restrict access to the FINS protocol to minimize the risk of exploitation.
For SYSMAC CP-series CPU Units, disable any unnecessary FINS communication to reduce the attack surface.
For SYSMAC NJ-series CPU Units, implement secure authentication and authorization mechanisms for FINS messages.
For SYSMAC NX1P-series CPU Units, use secure communication protocols instead of plaintext FINS messages.
For SYSMAC NX102-series CPU Units, limit access to the FINS protocol to trusted devices and users.
For SYSMAC NX7 Database Connection CPU Units, version 1.16 and later, apply secure configuration settings to prevent unauthorized access to the FINS protocol.

Fix

Weakness Enumeration

Missing Authentication

Related Identifiers

BDU:2025-01902
CVE-2023-27396

Affected Products

Sysmac Cj-Series Cpu Units
Sysmac Cp-Series Cpu Units
Sysmac Nx102-Series Cpu Units
Sysmac Nx1P-Series Cpu Units
Sysmac Nx7 Database Connection Cpu Units