Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:15 a.m.14 views

CVE-2022-29951

JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol configurable on ports 1024-65534 on either TCP or UDP for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing...

9.1CVSS7AI score0.00982EPSS
Exploits0References1
CVE
CVE
added 2022/07/26 9:4 p.m.84 views

CVE-2022-29951

CVE-2022-29951 affects JTEKT TOYOPUC PLCs (CMPLink/TCP protocol) up to 2022-04-29. The CMPLink/TCP service on ports 1024–65534 (TCP/UDP) has no authentication, enabling a remote attacker capable of communicating with the port to invoke a subset of functions (start/stop PLC, upload/download projec...

9.1CVSS9.2AI score0.00982EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/06/23 12:0 a.m.39 views

JTEKT TOYOPUC Missing Authentication For Critical Function (CVE-2022-29951, CVE-2022-29958)

The device may be vulnerable to flaws related to OT:ICEFALL. These vulnerabilities identify the insecure-by-design nature of OT devices and may not have a clear remediation path. As such, Nessus is unable to test specifically for these vulnerabilities but has identified the device to be one that...

9.8CVSS8.2AI score0.00982EPSS
Exploits0References5
ICS
ICS
added 2022/06/21 12:0 a.m.81 views

JTEKT TOYOPUC

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely Vendor: JTEKT Equipment: TOYOPUC Products Vulnerability: Missing Authentication for Critical Function CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational technology OT...

9.8CVSS10AI score0.00982EPSS
Exploits0References4
Rows per page
Query Builder