Cp1w\-Cif41_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Cp1w\-Cif41_firmware
(Omron)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	4

Date	Id	Summary	Products	Score	Patch	Annotated
2022-07-26	CVE-2022-31205	In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449...D1452 and can be read out using the Omron FINS protocol without any further authentication.	Cp1w\-Cif41_firmware, Sysmac_cj2h_firmware, Sysmac_cj2m_firmware, Sysmac_cp1e_firmware, Sysmac_cp1h_firmware, Sysmac_cp1l_firmware, Sysmac_cs1_firmware	7.5
2023-06-19	CVE-2023-27396	FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues -- (1)Plaintext communication, and (2)No authentication required. When FINS messages are intercepted, the contents may be retrieved. When arbitrary FINS messages are injected, any commands may be...	Cj2h\-Cpu64\-Eip_firmware, Cj2h\-Cpu64_firmware, Cj2h\-Cpu65\-Eip_firmware, Cj2h\-Cpu65_firmware, Cj2h\-Cpu66\-Eip_firmware, Cj2h\-Cpu66_firmware, Cj2h\-Cpu67\-Eip_firmware, Cj2h\-Cpu67_firmware, Cj2h\-Cpu68\-Eip_firmware, Cj2h\-Cpu68_firmware, Cj2m\-Cpu11_firmware, Cj2m\-Cpu12_firmware, Cj2m\-Cpu13_firmware, Cj2m\-Cpu14_firmware, Cj2m\-Cpu15_firmware, Cj2m\-Cpu31_firmware, Cj2m\-Cpu32_firmware, Cj2m\-Cpu33_firmware, Cj2m\-Cpu34_firmware, Cj2m\-Cpu35_firmware, Cj2m\-Md211_firmware, Cj2m\-Md212_firmware, Cp1e\-E10dr\-A_firmware, Cp1e\-E10dr\-D_firmware, Cp1e\-E10dt1\-A_firmware, Cp1e\-E10dt1\-D_firmware, Cp1e\-E10dt\-A_firmware, Cp1e\-E10dt\-D_firmware, Cp1e\-E14dr\-A_firmware, Cp1e\-E14sdr\-A_firmware, Cp1e\-E20dr\-A_firmware, Cp1e\-E20sdr\-A_firmware, Cp1e\-E30dr\-A_firmware, Cp1e\-E30sdr\-A_firmware, Cp1e\-E40dr\-A_firmware, Cp1e\-E40sdr\-A_firmware, Cp1e\-E60sdr\-A_firmware, Cp1e\-N14dr\-A_firmware, Cp1e\-N14dr\-D_firmware, Cp1e\-N14dt1\-A_firmware, Cp1e\-N14dt1\-D_firmware, Cp1e\-N14dt\-A_firmware, Cp1e\-N14dt\-D_firmware, Cp1e\-N20dr\-A_firmware, Cp1e\-N20dr\-D_firmware, Cp1e\-N20dt1\-A_firmware, Cp1e\-N20dt1\-D_firmware, Cp1e\-N20dt\-A_firmware, Cp1e\-N20dt\-D_firmware, Cp1e\-N30dr\-A_firmware, Cp1e\-N30dr\-D_firmware, Cp1e\-N30dt1\-A_firmware, Cp1e\-N30dt1\-D_firmware, Cp1e\-N30dt\-A_firmware, Cp1e\-N30dt\-D_firmware, Cp1e\-N30s1dr\-A_firmware, Cp1e\-N30s1dt1\-D_firmware, Cp1e\-N30s1dt\-D_firmware, Cp1e\-N30sdr\-A_firmware, Cp1e\-N30sdt1\-D_firmware, Cp1e\-N30sdt\-D_firmware, Cp1e\-N40dr\-A_firmware, Cp1e\-N40dr\-D_firmware, Cp1e\-N40dt1\-A_firmware, Cp1e\-N40dt1\-D_firmware, Cp1e\-N40dt\-A_firmware, Cp1e\-N40dt\-D_firmware, Cp1e\-N40s1dr\-A_firmware, Cp1e\-N40s1dt1\-D_firmware, Cp1e\-N40s1dt\-D_firmware, Cp1e\-N40sdr\-A_firmware, Cp1e\-N40sdt1\-D_firmware, Cp1e\-N40sdt\-D_firmware, Cp1e\-N60dr\-A_firmware, Cp1e\-N60dr\-D_firmware, Cp1e\-N60dt1\-A_firmware, Cp1e\-N60dt1\-D_firmware, Cp1e\-N60dt\-A_firmware, Cp1e\-N60dt\-D_firmware, Cp1e\-N60s1dr\-A_firmware, Cp1e\-N60s1dt1\-D_firmware, Cp1e\-N60s1dt\-D_firmware, Cp1e\-N60sdr\-A_firmware, Cp1e\-N60sdt1\-D_firmware, Cp1e\-N60sdt\-D_firmware, Cp1e\-Na20dr\-A_firmware, Cp1e\-Na20dt1\-D_firmware, Cp1e\-Na20dt\-D_firmware, Cp1h\-X40dr\-A_firmware, Cp1h\-X40dt1\-D_firmware, Cp1h\-X40dt\-D_firmware, Cp1h\-Xa40dr\-A_firmware, Cp1h\-Xa40dt1\-D_firmware, Cp1h\-Xa40dt\-D_firmware, Cp1h\-Y20dt\-D_firmware, Cp1l\-El20dr\-D_firmware, Cp1l\-El20dt1\-D_firmware, Cp1l\-El20dt\-D_firmware, Cp1l\-Em30dr\-D_firmware, Cp1l\-Em30dt1\-D_firmware, Cp1l\-Em30dt\-D_firmware, Cp1l\-Em40dr\-D_firmware, Cp1l\-Em40dt1\-D_firmware, Cp1l\-Em40dt\-D_firmware, Cp1l\-L10dr\-A_firmware, Cp1l\-L10dr\-D_firmware, Cp1l\-L10dt1\-D_firmware, Cp1l\-L10dt\-A_firmware, Cp1l\-L10dt\-D_firmware, Cp1l\-L14dr\-A_firmware, Cp1l\-L14dr\-D_firmware, Cp1l\-L14dt1\-D_firmware, Cp1l\-L14dt\-A_firmware, Cp1l\-L14dt\-D_firmware, Cp1l\-L20dr\-A_firmware, Cp1l\-L20dr\-D_firmware, Cp1l\-L20dt1\-D_firmware, Cp1l\-L20dt\-A_firmware, Cp1l\-L20dt\-D_firmware, Cp1l\-M30dr\-A_firmware, Cp1l\-M30dr\-D_firmware, Cp1l\-M30dt1\-D_firmware, Cp1l\-M30dt\-A_firmware, Cp1l\-M30dt\-D_firmware, Cp1l\-M40dr\-A_firmware, Cp1l\-M40dr\-D_firmware, Cp1l\-M40dt1\-D_firmware, Cp1l\-M40dt\-A_firmware, Cp1l\-M40dt\-D_firmware, Cp1l\-M60dr\-A_firmware, Cp1l\-M60dr\-D_firmware, Cp1l\-M60dt1\-D_firmware, Cp1l\-M60dt\-A_firmware, Cp1l\-M60dt\-D_firmware, Cp1w\-16er_firmware, Cp1w\-16et1_firmware, Cp1w\-16et_firmware, Cp1w\-20edr1_firmware, Cp1w\-20edt1_firmware, Cp1w\-20edt_firmware, Cp1w\-32er_firmware, Cp1w\-32et1_firmware, Cp1w\-32et_firmware, Cp1w\-40edr_firmware, Cp1w\-40edt1_firmware, Cp1w\-40edt_firmware, Cp1w\-8ed_firmware, Cp1w\-8er_firmware, Cp1w\-8et1_firmware, Cp1w\-8et_firmware, Cp1w\-Ad041_firmware, Cp1w\-Ad042_firmware, Cp1w\-Adb21_firmware, Cp1w\-Cif01_firmware, Cp1w\-Cif11_firmware, Cp1w\-Cif12\-V1_firmware, Cp1w\-Cif41_firmware, Cp1w\-Cn811_firmware, Cp1w\-Da021_firmware, Cp1w\-Da041_firmware, Cp1w\-Da042_firmware, Cp1w\-Dab21v_firmware, Cp1w\-Dam01_firmware, Cp1w\-Ext01_firmware, Cp1w\-Mab221_firmware, Cp1w\-Mad11_firmware, Cp1w\-Mad42_firmware, Cp1w\-Mad44_firmware, Cp1w\-Me05m_firmware, Cp1w\-Srt21_firmware, Cp1w\-Ts001_firmware, Cp1w\-Ts002_firmware, Cp1w\-Ts003_firmware, Cp1w\-Ts004_firmware, Cp1w\-Ts101_firmware, Cp1w\-Ts102_firmware, Cp2e\-E14dr\-A_firmware, Cp2e\-E20dr\-A_firmware, Cp2e\-E30dr\-A_firmware, Cp2e\-E40dr\-A_firmware, Cp2e\-E60dr\-A_firmware, Cp2e\-N14dr\-A_firmware, Cp2e\-N14dr\-D_firmware, Cp2e\-N14dt1\-D_firmware, Cp2e\-N14dt\-A_firmware, Cp2e\-N14dt\-D_firmware, Cp2e\-N20dr\-A_firmware, Cp2e\-N20dr\-D_firmware, Cp2e\-N20dt1\-D_firmware, Cp2e\-N20dt\-A_firmware, Cp2e\-N20dt\-D_firmware, Cp2e\-N30dr\-A_firmware, Cp2e\-N30dr\-D_firmware, Cp2e\-N30dt1\-D_firmware, Cp2e\-N30dt\-A_firmware, Cp2e\-N30dt\-D_firmware, Cp2e\-N40dr\-A_firmware, Cp2e\-N40dr\-D_firmware, Cp2e\-N40dt1\-D_firmware, Cp2e\-N40dt\-A_firmware, Cp2e\-N40dt\-D_firmware, Cp2e\-N60dr\-A_firmware, Cp2e\-N60dr\-D_firmware, Cp2e\-N60dt1\-D_firmware, Cp2e\-N60dt\-A_firmware, Cp2e\-N60dt\-D_firmware, Cp2e\-S30dr\-A_firmware, Cp2e\-S30dt1\-D_firmware, Cp2e\-S30dt\-D_firmware, Cp2e\-S40dr\-A_firmware, Cp2e\-S40dt1\-D_firmware, Cp2e\-S40dt\-D_firmware, Cp2e\-S60dr\-A_firmware, Cp2e\-S60dt1\-D_firmware, Cp2e\-S60dt\-D_firmware, Cp2w\-Cifd1_firmware, Cp2w\-Cifd2_firmware, Cp2w\-Cifd3_firmware, Cs1w\-Clk_firmware, Cs1w\-Drm21\-V1_firmware, Cs1w\-Eip21_firmware, Cs1w\-Etn21_firmware, Cs1w\-Fln22_firmware, Cs1w\-Nc271_firmware, Cs1w\-Nc471_firmware, Cs1w\-Ncf71_firmware, Cs1w\-Spu01\-V2_firmware, Cs1w\-Spu02\-V2_firmware, Nj101\-1000_firmware, Nj101\-1020_firmware, Nj101\-9000_firmware, Nj101\-9020_firmware, Nj301\-1100_firmware, Nj301\-1200_firmware, Nj501\-1300_firmware, Nj501\-1320_firmware, Nj501\-1340_firmware, Nj501\-1400_firmware, Nj501\-1420_firmware, Nj501\-1500_firmware, Nj501\-1520_firmware, Nj501\-4300_firmware, Nj501\-4310_firmware, Nj501\-4320_firmware, Nj501\-4400_firmware, Nj501\-4500_firmware, Nj501\-5300_firmware, Nj501\-R300_firmware, Nj501\-R320_firmware, Nj501\-R400_firmware, Nj501\-R420_firmware, Nj501\-R500_firmware, Nj501\-R520_firmware, Nj\-Pa3001_firmware, Nj\-Pd3001_firmware, Nx102\-1000_firmware, Nx102\-1020_firmware, Nx102\-1100_firmware, Nx102\-1120_firmware, Nx102\-1200_firmware, Nx102\-1220_firmware, Nx102\-9000_firmware, Nx102\-9020_firmware, Nx1p2\-1040dt1_firmware, Nx1p2\-1040dt_firmware, Nx1p2\-1140dt1_firmware, Nx1p2\-1140dt_firmware, Nx1p2\-9024dt1_firmware, Nx1p2\-9024dt_firmware, Nx701\-1620_firmware, Nx701\-1720_firmware	9.8
2022-07-26	CVE-2022-31204	Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. They feature a UM Protection setting that allows users or system integrators to configure a password in order to restrict sensitive engineering operations (such as project/logic uploads and downloads). This password is set using the OMRON FINS command Program Area Protect and unset using the command Program Area Protect Clear, both of which are transmitted in cleartext.	Cp1w\-Cif41_firmware, Cx\-Programmer, Sysmac_cj2h_firmware, Sysmac_cj2m_firmware, Sysmac_cp1e_firmware, Sysmac_cp1h_firmware, Sysmac_cp1l_firmware, Sysmac_cs1_firmware	7.5
2022-07-26	CVE-2022-31207	The Omron SYSMAC Cx product family PLCs (CS series, CJ series, and CP series) through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS (9600/TCP) protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication flaws as reported in FSCT-2022-0057. Control logic is downloaded to PLC volatile memory using the FINS Program Area Read and Program Area Write commands or to non-volatile memory using other...	Cp1w\-Cif41_firmware, Sysmac_cj2h_firmware, Sysmac_cj2m_firmware, Sysmac_cp1e_firmware, Sysmac_cp1h_firmware, Sysmac_cp1l_firmware, Sysmac_cs1_firmware	9.8