Information disclosure in Omron Cj2h_plc
CVE-2015-1015
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensit…
Vulnerability class: Information Disclosure
EPSS: 0.004 (32.0th percentile) — read the EPSS interpretation.
Affected products
- Omron Cj2h_plc — versions 1.4
- Omron Cj2m_plc — versions 2.0
- Omron Cx-programmer — versions 9.5
- N/a — versions n/a
Weakness classification (CWE)
References
- ics-cert@hq.dhs.gov (US Government Resource, Third Party Advisory, x_refsource_MISC)