CVSS 10.0CVSS 10.0 · CRITICAL
CVE-2015-0987
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request.
Ver en NVDSeveridad
Puntaje: 10.0(CRITICAL)
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:HAV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: CHANGED
C: HIGH
I: LOW
A: HIGH
Tipo de falla (CWE):
CWE-200CWE-319EPSS
Probabilidad de explotación (próx. 30 días): 0.0053 (0.5%)
Percentil: 67.7%
EPSS: 2026-06-02
Afecta
omron:cx-programmeromron:cj2h_plcomron:cj2m_plcDescripción técnica
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request.
Publicada: 6/10/2015, 1:59:03
Última modificación: 2/6/2026, 21:16:20