A sophisticated piece of malware intended to attack Industrial Control Systems (ICS) has exploited a critical vulnerability affecting Omron products, but it has not received the attention it merits.
The NJ and NX-series controllers and software produced by the Japanese electronics company Omron were affected by three vulnerabilities, according to two advisories published on November 10 by the US Cybersecurity and Infrastructure Security Agency (CISA). One of the advisories details CVE-2022-33971, a high-severity flaw that could enable an attacker to execute malicious code or cause a denial-of-service (DoS) condition on a targeted Omron programmable logic controller (PLC).
Also Read: 3 Measures for XIoT Cybersecurity
Omron published advisories for these vulnerabilities in July, and in July and October, patches were made available.