Omron NJ/NX-series Machine Automation Controllers
Plan Patch8.3ICS-CERT ICSA-22-314-07Nov 10, 2022
Summary
Omron NJ/NX-series Machine Automation Controllers contain a vulnerability that could allow an attacker to obtain unauthorized access to the device, place it in an "out of service" state, or execute a malicious program. The vulnerability affects NX7-series (all models up to version 1.28), NX1-series (all models up to version 1.48), and NJ-series (all models up to version 1.48). High attack complexity is required for exploitation.
What this means
What could happen
An attacker could take control of the machine automation controller, stopping production lines or altering manufacturing processes, or causing the controller to fail and take equipment offline until manually recovered.
Who's at risk
Manufacturing facilities using Omron NJ/NX-series Machine Automation Controllers, including packaging lines, assembly systems, and discrete production equipment that rely on these controllers for process automation and sequencing.
How it could be exploited
An attacker would need to achieve network access to the controller and meet unspecified high-complexity prerequisites to exploit this vulnerability. Once successful, they could gain unauthorized access to execute code or commands on the controller, affecting the automated machinery it controls.
Prerequisites
- Network connectivity to the machine automation controller
- High attack complexity conditions (specific technical prerequisites not disclosed in advisory)
- Likely physical proximity or compromised internal network access given high complexity rating
Remotely exploitableHigh CVSS score (8.3)Manufacturing critical equipmentHigh attack complexity may reduce immediate risk
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (3)
2 with fix1 pending
ProductAffected VersionsFix Status
NJ/NX-series Machine Automation Controllers - NJ-series Machine Automation Controller (All Models):≤ 1.48No fix yet
NJ/NX-series Machine Automation Controllers - NX7-series Machine Automation Controller (All Models):≤ 1.281.29 or higher
NJ/NX-series Machine Automation Controllers - NX1-series Machine Automation Controller (All Models):≤ 1.481.50 or higher
Remediation & Mitigation
0/14
Do now
0/6HARDENINGImplement firewalls to isolate affected controllers from the IT network; shut down unused communication ports and limit inter-host communications
HARDENINGRestrict network connectivity to machine automation controllers; prevent connection to open networks and block access from untrusted devices
HARDENINGInstall and maintain up-to-date antivirus software on all PCs with access to the control system
HARDENINGEnforce strong passwords and change them frequently on all controller accounts
WORKAROUNDUse VPN for any remote access to machine automation controllers
WORKAROUNDScan USB drives and external devices for malware before connecting them to controllers
Schedule — requires maintenance window
0/6Patching may require device reboot — plan for process interruption
HOTFIXUpdate NX7-series controllers to firmware version 1.29 or higher
HOTFIXUpdate NX1-series controllers to firmware version 1.50 or higher
HOTFIXUpdate NJ-series controllers (NJ501-1300, NJ501-1400, NJ501-1500) to firmware version 1.49 or higher
HOTFIXUpdate NJ-series controllers (all other models) to firmware version 1.50 or higher
HARDENINGImplement multi-factor authentication (MFA) on all devices with remote access to controllers
HARDENINGImplement physical access controls to restrict unauthorized personnel from accessing controller equipment
Long-term hardening
0/2HARDENINGPerform regular data backups and maintain backup validation procedures to prepare for potential data loss or corruption
HARDENINGImplement input/output validation and range checks to detect unintentional or malicious modifications to controller data
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/8aadb3ad-a505-42d0-b44d-0becb3412360