CVE-2023-27396

critical-risk
Published 2023-06-19

FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues -- (1)Plaintext communication, and (2)No authentication required. When FINS messages are intercepted, the contents may be retrieved. When arbitrary FINS messages are injected, any commands may be executed on, or the system information may be retrieved from, the affected device. Affected products and versions are as follows: SYSMAC CS-series CPU Units, all versions, SYSMAC CJ-series CPU Units, all versions, SYSMAC CP-series CPU Units, all versions, SYSMAC NJ-series CPU Units, all versions, SYSMAC NX1P-series CPU Units, all versions, SYSMAC NX102-series CPU Units, all versions, and SYSMAC NX7 Database Connection CPU Units (Ver.1.16 or later)

Do I need to act?

~
1.8% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (20)

Cp2E-N40Dr-D Firmware
Cs1W-Eip21 Firmware
Cs1W-Spu01-V2 Firmware
Cs1W-Spu02-V2 Firmware
Cs1W-Etn21 Firmware
Cs1W-Clk Firmware
Cs1W-Fln22 Firmware
Cs1W-Drm21-V1 Firmware
Cs1W-Nc271 Firmware
Cs1W-Nc471 Firmware
Cs1W-Ncf71 Firmware
Cj2M-Cpu35 Firmware
Cj2M-Cpu34 Firmware
Cj2M-Cpu33 Firmware
Cj2M-Cpu32 Firmware
Cj2M-Cpu31 Firmware
Cj2M-Cpu15 Firmware
Cj2M-Cpu14 Firmware
Cj2M-Cpu13 Firmware
Cj2M-Cpu12 Firmware

Affected Vendors

Omron

References (14)

Third Party Advisory https://jvn.jp/en/ta/JVNTA91513661/
Third Party Advisory https://jvn.jp/ta/JVNTA91513661/
Not Applicable https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-02
Vendor Advisory https://www.fa.omron.co.jp/product/vulnerability/OMSR-2023-003_ja.pdf
Vendor Advisory https://www.ia.omron.com/product/vulnerability/OMSR-2023-003_en.pdf
Not Applicable https://www.us-cert.gov/ics/advisories/icsa-19-346-02
Not Applicable https://www.us-cert.gov/ics/advisories/icsa-20-063-03
Third Party Advisory https://jvn.jp/en/ta/JVNTA91513661/
Third Party Advisory https://jvn.jp/ta/JVNTA91513661/
Not Applicable https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-02
Vendor Advisory https://www.fa.omron.co.jp/product/vulnerability/OMSR-2023-003_ja.pdf
Vendor Advisory https://www.ia.omron.com/product/vulnerability/OMSR-2023-003_en.pdf
Not Applicable https://www.us-cert.gov/ics/advisories/icsa-19-346-02
Not Applicable https://www.us-cert.gov/ics/advisories/icsa-20-063-03
70
/ 100
critical-risk
Severity 32/34 · Critical
Exploitability 5/34 · Minimal
Exposure 33/34 · Critical