Omron CJ1M unit v4.0 and prior has improper access controls on the memory region where the UM password is stored. If an adversary issues a PROGRAM AREA WRITE command to a specific memory region, they could overwrite the password. This may lead to disabling UM protections or setting a non-ASCII password (non-keyboard characters) and preventing an engineer from viewing or modifying the user program.
https://www.ia.omron.com/product/vulnerability/OMSR-2023-001_en.pdf
https://www.cisa.gov/news-events/ics-advisories/icsa-23-073-01