What is CVE-2019-13533?

CVE-2019-13533 is a high-severity vulnerability in Omron Plc_cj_firmware, classified under Authentication Bypass by Capture-replay. CVSS score: 8.1/10. Published 2019-12-16.

How severe is CVE-2019-13533?

High severity. CVSS v3 base score is 8.1 out of 10.

Vulnerability in Omron Plc_cj_firmware

CVE-2019-13533

In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves.

EPSS: 0.003 (51.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H.

Affected products

Omron Plc_cj_firmware
Omron Plc_cs_firmware
N/a Omron Plc Cj And Cs Series — versions Omron PLC CJ series, all versions, Omron PLC CS series, all versions

Weakness classification (CWE)

CWE-294 — Authentication Bypass by Capture-replay

References

ics-cert@hq.dhs.gov (US Government Resource, Third Party Advisory, x_refsource_MISC)

Frequently asked questions

What is CVE-2019-13533?: CVE-2019-13533 is a high-severity vulnerability in Omron Plc_cj_firmware, classified under Authentication Bypass by Capture-replay. CVSS score: 8.1/10. Published 2019-12-16.
How severe is CVE-2019-13533?: High severity. CVSS v3 base score is 8.1 out of 10.