Lucene search
K

57 matches found

ICS
ICS
added 2022/11/10 12:0 a.m.45 views

Omron NJ/NX-series Machine Automation Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Omron Equipment: NJ/NX-series Controllers and Software Vulnerabilities: Hard-coded Credentials, Authentication Bypass by Capture-replay 2. RISK EVALUATION Successful...

9.4CVSS8.7AI score0.01769EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.9 views

The vulnerability lies in the communication functions between the Omron NJ/NX automation controller, the Omron Sysmac Studio automation software, and the programmable terminal Omron NA. This vulnerability allows a perpetrator to gain access to the controller.

The vulnerability of the communication functions between Omron NJ/NX automation controllers, the Omron Sysmac Studio automation software, and the programmable terminal Omron NA lies in the ability to bypass the authentication process by using capture-replay techniques for intercepted parameters...

6.8CVSS7.5AI score0.01769EPSS
Exploits0References4Affected Software8
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.8 views

The vulnerability lies in the communication functions between the Omron NJ/NX automation controller, the Omron Sysmac Studio automation software, and the programmable terminal Omron NA. This vulnerability allows a perpetrator to gain access to the controller.

The vulnerability of communication functions between Omron NJ/NX automation controllers, Omron Sysmac Studio automation software, and Omron NA programmable terminals is related to the use of rigidly encoded account data. Exploiting this vulnerability can allow a malicious actor to gain access to...

7.7CVSS7.5AI score0.0131EPSS
Exploits0References5Affected Software8
ATTACKERKB
ATTACKERKB
added 2022/07/04 2:15 a.m.126 views

CVE-2022-34151

Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac...

8.1CVSS7.4AI score0.0131EPSS
In wildExploits0References3Affected Software1
NVD
NVD
added 2022/07/04 2:15 a.m.40 views

CVE-2022-34151

Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac...

9.4CVSS0.0131EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/04 2:15 a.m.2 views

CVE-2022-33208

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software...

8.1CVSS5.8AI score0.01769EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/07/04 2:15 a.m.4 views

CVE-2022-34151

Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac...

8.1CVSS7.3AI score0.0131EPSS
Exploits0References2
OSV
OSV
added 2022/07/04 2:15 a.m.4 views

CVE-2022-33208

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software...

8.1CVSS7.3AI score0.01769EPSS
Exploits0References2
NVD
NVD
added 2022/07/04 2:15 a.m.27 views

CVE-2022-33208

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software...

8.1CVSS0.01769EPSS
Exploits0References2
Prion
Prion
added 2022/07/04 2:15 a.m.28 views

Hardcoded credentials

Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac...

6.8CVSS7.9AI score0.0131EPSS
Exploits0References2Affected Software57
CVE
CVE
added 2022/07/04 1:51 a.m.210 views

CVE-2022-34151

CVE-2022-34151 affects Omron NJ/NX-series Machine Automation Controllers, Sysmac Studio, and NA-series PTs. Root cause: hard-coded credentials in affected components may let a remote attacker obtain credentials and access the controller. Affected versions: NJ/NX controllers (NJ1/NJ series up to v...

9.4CVSS7.9AI score0.0131EPSS
In wildExploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/07/04 1:51 a.m.7 views

CVE-2022-34151

Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac...

7.3AI score0.0131EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/07/04 1:50 a.m.49 views

CVE-2022-33208

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software...

8.2AI score0.01769EPSS
Exploits0References2
CVE
CVE
added 2022/07/04 1:50 a.m.98 views

CVE-2022-33208

CVE-2022-33208 is an authentication bypass by capture-replay affecting Omron NJ/NX-series Machine Automation Controllers (NJ 1.48 and earlier; NX7 1.28 and earlier; NX1 1.48 and earlier), Sysmac Studio (≤1.49), and NA-series PT runtimes (NA5-15W/12W/9W/7W ≤1.15). A remote attacker who can analyze...

8.1CVSS7.9AI score0.01769EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/07/04 12:0 a.m.4 views

多款Omron产品安全漏洞

Omron Machine automation controller NX7 series and so on are the products of Omron Corporation of Japan.Omron Machine automation controller NX7 series is a series of machine automation controllers.Omron Machine Omron Machine automation controller NX1 series is a series of machine automation...

8.1CVSS8AI score0.01769EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/06/22 12:0 a.m.4 views

PT-2022-3094 · Omron · Sysmac Studio +1

Name of the Vulnerable Software and Affected Versions: Omron SYSMAC Nx product family PLCs NJ series, NY series, NX series, and PMAC series through 2022-005-18 Description: The issue is related to the lack of cryptographic authentication in the Omron SYSMAC Nx product family PLCs. This allows an...

9.8CVSS9.5AI score0.00858EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/06/21 12:0 a.m.21 views

PT-2022-3476 · Omron · Sysmac Studio +4

Name of the Vulnerable Software and Affected Versions: Machine automation controller NJ series versions 1.48 and earlier Machine automation controller NX7 series versions 1.28 and earlier Machine automation controller NX1 series versions 1.48 and earlier Automation software 'Sysmac Studio' versio...

8.1CVSS7.8AI score0.0131EPSS
Exploits0References8
Rows per page
Query Builder