8.1

CVE-2022-34151

EPSS 0.75%
Veröffentlicht 04.07.2022 02:15:07
Zuletzt bearbeitet 21.11.2024 07:08:57
Quelle vultures@jpcert.or.jp
Teams Watchlist Login
Unerledigt Login

Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Omron ≫ Nx701-1600 Firmware Version <= 1.28

Omron ≫ Nx701-1600 Version-

Omron ≫ Nx701-1700 Firmware Version <= 1.28

Omron ≫ Nx701-1700 Version-

Omron ≫ Nx701-z700 Firmware Version <= 1.28

Omron ≫ Nx701-z700 Version-

Omron ≫ Nx701-z600 Firmware Version <= 1.28

Omron ≫ Nx701-z600 Version-

Omron ≫ Nx701-1720 Firmware Version <= 1.28

Omron ≫ Nx701-1720 Version-

Omron ≫ Nx701-1620 Firmware Version <= 1.28

Omron ≫ Nx701-1620 Version-

Omron ≫ Nx102-1200 Firmware Version <= 1.48

Omron ≫ Nx102-1200 Version-

Omron ≫ Nx102-1100 Firmware Version <= 1.48

Omron ≫ Nx102-1100 Version-

Omron ≫ Nx102-1000 Firmware Version <= 1.48

Omron ≫ Nx102-1000 Version-

Omron ≫ Nx102-1220 Firmware Version <= 1.48

Omron ≫ Nx102-1220 Version-

Omron ≫ Nx102-1120 Firmware Version <= 1.48

Omron ≫ Nx102-1120 Version-

Omron ≫ Nx102-1020 Firmware Version <= 1.48

Omron ≫ Nx102-1020 Version-

Omron ≫ Nx102-9020 Firmware Version <= 1.48

Omron ≫ Nx102-9020 Version-

Omron ≫ Nx1p2-1140dt Firmware Version <= 1.48

Omron ≫ Nx1p2-1140dt Version-

Omron ≫ Nx1p2-1140dt1 Firmware Version <= 1.48

Omron ≫ Nx1p2-1140dt1 Version-

Omron ≫ Nx1p2-1040dt Firmware Version <= 1.48

Omron ≫ Nx1p2-1040dt Version-

Omron ≫ Nx1p2-1040dt1 Firmware Version <= 1.48

Omron ≫ Nx1p2-1040dt1 Version-

Omron ≫ Nx1p2-9024dt Firmware Version <= 1.48

Omron ≫ Nx1p2-9024dt Version-

Omron ≫ Nx1p2-9024dt1 Firmware Version <= 1.48

Omron ≫ Nx1p2-9024dt1 Version-

Omron ≫ Nx1w-cif01 Firmware Version <= 1.48

Omron ≫ Nx1w-cif01 Version-

Omron ≫ Nx1w-cif11 Firmware Version <= 1.48

Omron ≫ Nx1w-cif11 Version-

Omron ≫ Nx1w-cif12 Firmware Version <= 1.48

Omron ≫ Nx1w-cif12 Version-

Omron ≫ Nx1w-adb21 Firmware Version <= 1.48

Omron ≫ Nx1w-adb21 Version-

Omron ≫ Nx1w-dab21v Firmware Version <= 1.48

Omron ≫ Nx1w-dab21v Version-

Omron ≫ Nx1w-mab221 Firmware Version <= 1.48

Omron ≫ Nx1w-mab221 Version-

Omron ≫ Nj501-1500 Firmware Version <= 1.48

Omron ≫ Nj501-1500 Version-

Omron ≫ Nj501-140 Firmware Version <= 1.48

Omron ≫ Nj501-140 Version-

Omron ≫ Nj501-1300 Firmware Version <= 1.48

Omron ≫ Nj501-1300 Version-

Omron ≫ Nj501-r500 Firmware Version <= 1.48

Omron ≫ Nj501-r500 Version-

Omron ≫ Nj501-r520 Firmware Version <= 1.48

Omron ≫ Nj501-r520 Version-

Omron ≫ Nj501-r400 Firmware Version <= 1.48

Omron ≫ Nj501-r400 Version-

Omron ≫ Nj501-r420 Firmware Version <= 1.48

Omron ≫ Nj501-r420 Version-

Omron ≫ Nj501-r300 Firmware Version <= 1.48

Omron ≫ Nj501-r300 Version-

Omron ≫ Nj501-r320 Firmware Version <= 1.48

Omron ≫ Nj501-r320 Version-

Omron ≫ Nj501-5300 Firmware Version <= 1.48

Omron ≫ Nj501-5300 Version-

Omron ≫ Nj501-1520 Firmware Version <= 1.48

Omron ≫ Nj501-1520 Version-

Omron ≫ Nj501-1420 Firmware Version <= 1.48

Omron ≫ Nj501-1420 Version-

Omron ≫ Nj501-1320 Firmware Version <= 1.48

Omron ≫ Nj501-1320 Version-

Omron ≫ Nj101-1020 Firmware Version <= 1.48

Omron ≫ Nj101-1020 Version-

Omron ≫ Nj101-9020 Firmware Version <= 1.48

Omron ≫ Nj101-9020 Version-

Omron ≫ Nj501-1340 Firmware Version <= 1.48

Omron ≫ Nj501-1340 Version-

Omron ≫ Nj501-4500 Firmware Version <= 1.48

Omron ≫ Nj501-4500 Version-

Omron ≫ Nj501-4400 Firmware Version <= 1.48

Omron ≫ Nj501-4400 Version-

Omron ≫ Nj501-4300 Firmware Version <= 1.48

Omron ≫ Nj501-4300 Version-

Omron ≫ Nj501-4310 Firmware Version <= 1.48

Omron ≫ Nj501-4310 Version-

Omron ≫ Nj501-4320 Firmware Version <= 1.48

Omron ≫ Nj501-4320 Version-

Omron ≫ Nj301-1200 Firmware Version < 1.48

Omron ≫ Nj301-1200 Version-

Omron ≫ Nj301-1100 Firmware Version <= 1.48

Omron ≫ Nj301-1100 Version-

Omron ≫ Nj101-1000 Firmware Version <= 1.48

Omron ≫ Nj101-1000 Version-

Omron ≫ Nj101-9000 Firmware Version <= 1.48

Omron ≫ Nj101-9000 Version-

Omron ≫ Nj-pa3001 Firmware Version <= 1.48

Omron ≫ Nj-pa3001 Version-

Omron ≫ Nj-pd3001 Firmware Version <= 1.48

Omron ≫ Nj-pd3001 Version-

Omron ≫ Sysmac Studio Version <= 1.49

Omron ≫ Na5-15w Firmware Version <= 1.15

Omron ≫ Na5-15w Version-

Omron ≫ Na5-12w Firmware Version <= 1.15

Omron ≫ Na5-12w Version-

Omron ≫ Na5-9w Firmware Version <= 1.15

Omron ≫ Na5-9w Version-

Omron ≫ Na5-7w Firmware Version <= 1.15

Omron ≫ Na5-7w Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.75%	0.722

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.1	2.2	5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://jvn.jp/en/vu/JVNVU97050784/index.html

Third Party Advisory

VDB Entry

https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2022-34151

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-34151

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-34151

EUVD