Å·Ä·ÁúHMI²úÆ·Ô¶³Ì´úÂëÖ´Ðзì϶°²È«¹«¸æ

°ä²¼¹¦·ò 2019-01-22

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2018-19027£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ 6.6£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


Omron CX-Protocol 2.0

Omron CX-Protocol 1.993

Omron CX-Protocol 1.992

Omron CX-One 4.50

Omron CX-One 4.42


·ì϶¸ÅÊö


Omron CX-OneÊÇÈÕ±¾£¨Å·Ä·Áú£©Omron¹«Ë¾µÄÒ»Ì×¼¯³É¹¤¾ß°ü£¬ÆäÖÐÔ̺¬ÁËÓÃÓÚÍøÂç¡¢PT¡¢±äƵÆ÷¡¢Î¶ȽÚÔìÆ÷ÒÔ¼°PLC±à³ÌÈí¼þµÈ£¬ÔÊÐí×éÖ¯´´½¨ÓÃÓÚ¼à¿ØºÍÊý¾Ý²É¼¯£¨SCADA£©ÏµÍ³µÄÈË»ú½çÃ棨HMI£©£¬¸Ã¹¤¾ßÔÚÈ«ÇòÁìÓòÄÚʹÓã¬ÖØÒªÓÃÓÚÄÜÔ´ÁìÓò¡£CX-ProtocolÊÇÆäÖеÄÒ»¸öÓÃÓÚ´´½¨´®ÐÐͨѶºÍ̸Óë³ß¶È´®ÐÐÉ豸ͨѶµÄ×é¼þ¡£ Omron CX-One 4.50¼°Ö®Ç°°æ±¾ÖеÄCX-Protocol 2.0¼°Ö®Ç°°æ±¾´æÔÚËÁÒâ´úÂëÖ´Ðзì϶¡£Ô¶³Ì¹¥»÷Õß¿ÉÀûÓø÷ì϶ÔÚÊÜÓ°ÏìÀûÓ÷¨Ê½µÄ¸ßµÍÎÄÖÐÖ´ÐÐËÁÒâ´úÂë»òÔì³É»Ø¾ø·þÎñ¡£ÓÉÓڸ÷ì϶ÀûÓÃÒªÇóµÍ£¬±ØÒª°ÑÎÈ¡£


·ì϶ÑéÖ¤


ÔÝÎÞPOC/EXP¡£


½¨¸´½¨Òé


¹Ù·½ÒѾ­°ä²¼ÁËа汾½¨¸´Á˸÷ì϶£¬ÇëÊÜÓ°ÏìµÄÓû§ÊµÊ±¸üе½CX-Protocol 2.01°æ±¾£¬ÐγɶԴ˷ì϶³Ö¾ÃÓÐЧµÄ·À»¤¡£


Óû§±ØÒªµ½¹ÙÍøÏÂÔØ×îа汾£¬ÏÂÔØÏνÓÈçÏ£º

https://industrial.omron.us/en/home


²Î¿¼Á´½Ó


https://ics-cert.us-cert.gov/advisories/ICSA-19-010-02

https://www.securityfocus.com/bid/106524/info