Severity
High
Analysis Summary
CVE-2023-27396
OMRON FINS (Factory Interface Network Service) could allow a remote attacker to execute arbitrary commands on the system, caused by improper authentication validation and the use of plaintext communication. By injecting specially crafted FINS messages, an attacker could exploit this vulnerability to execute arbitrary commands or obtain sensitive system information from the system.
Impact
- Command Execution
Indicators Of Compromise
CVE
- CVE-2023-27396
Affected Vendors
Omron
Affected Products
- OMRON FINS
Remediation
Upgrade to the latest version of OMRON, available from the OMRON Website.