Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
|
Information
Published : 2015-10-05 18:59
Updated : 2015-10-06 16:49
NVD link : CVE-2015-1015
Mitre link : CVE-2015-1015
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
omron
- cj2m_plc
- cj2h_plc
- cx-programmer