Protect Your Omron CJ1M PLC: Update to Fix Critical Password Vulnerability

CVECVE-2023-0811
CVSScvssV3_1: 9.1
SourceCVE-2023-0811

Omron CJ1M programmable logic controllers (PLCs) are widely used industrial control devices. Unfortunately, versions 4.0 and earlier of the CJ1M firmware are affected by a serious vulnerability that can allow attackers to overwrite the password protecting the user program area.

Attackers can exploit this by issuing a special “PROGRAM AREA WRITE” command to a specific memory region where the user management (UM) password is stored. This allows overwriting the password with any value, including non-keyboard characters to prevent it from being viewed or changed through normal means.

With the password bypassed, attackers gain unfettered access to view and modify the user program running the machinery or system controlled by the PLC. They could cause equipment to malfunction or even shut down entire processes.

The good news is Omron has released updated firmware that fixes this improper access control flaw. All CJ1M owners should update to the latest version immediately. Regularly checking for and applying security updates is also important for any networked industrial equipment. Taking basic steps like restricting network access and changing default passwords can help prevent exploitation.

Staying on top of vulnerabilities and promptly applying patches is key to protecting industrial systems from the growing threat of cyberattacks on operational technology.

References