Authentication flaw

2022-07-0402:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

30.7%

JSON

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow an adjacent attacker who can analyze the communication between the controller and the specific software used by OMRON internally to cause a denial-of-service (DoS) condition or execute a malicious program.

CPENameOperatorVersion
nj-pa3001_firmwarele1.48
nj-pd3001_firmwarele1.48
nj101-1000_firmwarele1.48
nj101-1020_firmwarele1.48
nj101-9000_firmwarele1.48
nj101-9020_firmwarele1.48
nj301-1100_firmwarele1.48
nj301-1200_firmwarelt1.48
nj501-1300_firmwarele1.48
nj501-1320_firmwarele1.48

Name	Operator	Version
nj-pa3001_firmware	le	1.48
nj-pd3001_firmware	le	1.48
nj101-1000_firmware	le	1.48
nj101-1020_firmware	le	1.48
nj101-9000_firmware	le	1.48
nj101-9020_firmware	le	1.48
nj301-1100_firmware	le	1.48
nj301-1200_firmware	lt	1.48
nj501-1300_firmware	le	1.48
nj501-1320_firmware	le	1.48