Omron Patches PLC, Engineering Software Flaws Discovered During ICS Malware Analysis

Japanese electronics giant Omron recently patched programmable logic controller (PLC) and engineering software vulnerabilities that were discovered by industrial cybersecurity firm Dragos during the analysis of a sophisticated piece of malware. Last year, the US cybersecurity agency CISA informed organizations about three vulnerabilities affecting Omron NJ and NX-series controllers. Dragos told SecurityWeek at the time that one of these flaws, a critical hardcoded credentials issue tracked as CVE-2022-34151 that can be used to access Omron PLCs, had been targeted by the industrial control system (ICS) attack framework known as Pipedream and Incontroller. Pipedream is believed to be the work of a state-sponsored threat group, possibly linked to Russia. Dragos determined last year that one of Pipedream’s components, named BadOmen, had exploited CVE-2022-34151 to interact with an HTTP server on targeted Omron NX/NJ controllers. BadOmen can be used to manipulate and cause disruption to physical processes.