New challenges: Omron fights sophisticated malware

The company fixes dangerous vulnerabilities that opened access to ICS systems.

Japanese company Omron recently released patches for vulnerabilities in the programmable logic controller (PLC) and engineering software discovered by cybersecurity firm Dragos during its analysis of sophisticated malware.

Last year, the US cybersecurity agency CISA warned organizations about three vulnerabilities affecting Omron's NJ and NX series controllers. Dragos reported that one of these vulnerabilities, the critical issue CVE-2022-34151, related to hard-coded credentials, was used to access Omron PLCs and was targeted by the industrial control system (ICS) malware called Pipedream (Incontroller).

Dragos determined that one of the components of the Pipedream malware, BadOmen, used CVE-2022-34151 to interact with the HTTP server on target Omron NX/NJ controllers. BadOmen can be used to manipulate and cause process failures.

During its research into the BadOmen malware, Dragos discovered additional vulnerabilities in Omron products. CISA and Omron issued recommendations to inform organizations about the new vulnerabilities and the availability of fixes.

Dragos told SecurityWeek that the vulnerabilities were not exploited by malware, and there is no evidence of their exploitation. CISA and Omron have published three separate recommendations.

  • One of them describes a high-risk vulnerability CVE-2022-45790 (CVSS: 7.5) in Omron PLC CJ/CS/CP series, which uses the FINS protocol, subject to brute-force attacks.
  • Two other recommendations describe vulnerabilities in the Omron software: CVE-2022-45793 (CVSS: 5.5) and CVE-2018-1002205 (CVSS: 5.5).

Note that the US Cybersecurity and Infrastructure Protection Agency (CISA) has added eight new items to its catalog of known exploited vulnerabilities. The decision to add them was made based on data about the active exploitation of these vulnerabilities by intruders.

The US Department of Homeland Security (DHS) has proposed to simplify the rules for federal reporting on cyber incidents for affected organizations, including by creating a single web portal for such reports.