CVE-2019-13533

In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves.

high 8.1 CVSS 3.1
Published: Dec 16, 2019
Modified: Jun 2, 2026
Vendor: Omron
Product: Plc Cj Firmware

Description

In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves.

References

Related CVEs

CVE-2022-33971 high · 7.5
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all
CVE-2022-34151 high · 8.1
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.
CVE-2020-6986 high · 7.5
In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in t
CVE-2019-18269 critical · 9.8
Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability.
CVE-2015-0987 critical · 10.0
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain