Rewterz Threat Advisory – ICS: Omron PLC CJ and CS Series Multiple Vulnerabilities
December 13, 2019Rewterz Threat Alert – Echobot Variant Exploits 77 Remote Code Execution Flaws
December 13, 2019Rewterz Threat Advisory – ICS: Omron PLC CJ and CS Series Multiple Vulnerabilities
December 13, 2019Rewterz Threat Alert – Echobot Variant Exploits 77 Remote Code Execution Flaws
December 13, 2019Severity
Medium
Analysis Summary
The software does not implement sufficient measures to prevent multiple failed authentication attempts within in a short time frame, making it more susceptible to brute force attacks.
Impact
Improper Restriction of Excessive Authentication Attempts
Affected Vendors
Omron
Affected Products
- Omron PLC CS series all versions
- Omron PLC CJ series all versions
- Omron PLC NJ series all versions
Remediation
- Filter FTP port: Protect access to Omron’s PLC with a firewall and block unnecessary remote access to FTP port (default: 21).
- Filter IP addresses: Protect access to Omron’s PLC with a firewall and filtering devices connected to the PLC by IP address.