CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2015-0987

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0980%
EPSS Percentile15.86th
Published2015年10月6日
Last Modified2026年6月2日

Vulnerability Description

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request.

Affected Platforms (CPE)

📦
Omron

Cx Programmer

<= 9.5
🔌
Omron

Cj2h Plc

<= 1.4
🔌
Omron

Cj2m Plc

<= 2.0

References & Advisories

🔗 https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01
🔗 https://ics-cert.us-cert.gov/advisories/ICSA-15-274-01

相關漏洞威脅

CVE-2016-934310.0

An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all...

CVE-2012-469710.0

TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain adm...

CVE-2017-78989.8

An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell Automation Allen-Bradley MicroLogix ...

CVE-2017-79029.8

A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable...