Lucene search
+L

33 matches found

NVD
NVD
added 2022/07/26 10:15 p.m.16 views

CVE-2022-31206

The Omron SYSMAC Nx product family PLCs NJ series, NY series, NX series, and PMAC series through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software which compiles IEC 61131-3 conformant POU code to native machine code for execution...

9.8CVSS0.00858EPSS
Exploits0References2
Prion
Prion
added 2022/07/26 10:15 p.m.19 views

Authentication flaw

The Omron SYSMAC Cx product family PLCs CS series, CJ series, and CP series through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS 9600/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication...

7.5CVSS9.9AI score0.00767EPSS
Exploits0References2Affected Software6
Prion
Prion
added 2022/07/26 10:15 p.m.21 views

Design/Logic Flaw

The Omron SYSMAC Nx product family PLCs NJ series, NY series, NX series, and PMAC series through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software which compiles IEC 61131-3 conformant POU code to native machine code for execution...

7.5CVSS9.8AI score0.00858EPSS
Exploits0References2Affected Software25
Cvelist
Cvelist
added 2022/07/26 9:28 p.m.22 views

CVE-2022-31207

The Omron SYSMAC Cx product family PLCs CS series, CJ series, and CP series through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS 9600/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication...

10AI score0.00767EPSS
Exploits0References2
CVE
CVE
added 2022/07/26 9:28 p.m.95 views

CVE-2022-31206

CVE-2022-31206 affects Omron SYSMAC Nx product family PLCs (NJ/NY/NX/PMAC) prior to 2022-05-18. The issue is that the transferred PLC logic is not cryptographically authenticated, allowing an attacker to modify transmitted object code and execute arbitrary machine code on the PLC CPU module withi...

9.8CVSS9.7AI score0.00858EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/06/28 12:0 a.m.5 views

Omron SYSMAC CS/CJ/CP Series 和 NJ/NX Series 数据伪造问题漏洞

Omron SYSMAC CS/CJ/CP Series and Omron SYSMAC NJ/NX Series are products of Omron Corporation, Japan.Omron SYSMAC CS/CJ/CP Series is a series of programmable controllers.Omron SYSMAC NJ/NX Series is a series of machine automation controllers. Omron SYSMAC NJ/NX Series is a series of machine...

9.8CVSS8.8AI score0.00767EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/06/28 12:0 a.m.7 views

Omron SYSMAC CS/CJ/CP Series 和 NJ/NX Series 安全漏洞

Omron SYSMAC CS/CJ/CP Series and Omron SYSMAC NJ/NX Series are products of Omron Corporation, Japan.Omron SYSMAC CS/CJ/CP Series is a series of programmable controllers.Omron SYSMAC NJ/NX Series is a series of machine automation controllers. Omron SYSMAC NJ/NX Series is a series of machine...

7.5CVSS7.3AI score0.00533EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/06/22 12:0 a.m.6 views

PT-2022-3093 · Omron · Omron Sysmac Cx

Name of the Vulnerable Software and Affected Versions: Omron SYSMAC Cx product family PLCs CS series, CJ series, and CP series through 2022-05-18 Description: The issue is related to a lack of cryptographic authentication in the Omron FINS 9600/TCP protocol used for engineering purposes, includin...

9.8CVSS9.6AI score0.00767EPSS
Exploits0References8
CISA
CISA
added 2022/06/22 12:0 a.m.25 views

CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report

CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography ...

1.7AI score
Exploits0References19
Positive Technologies
Positive Technologies
added 2022/06/22 12:0 a.m.5 views

PT-2022-3094 · Omron · Sysmac Studio +1

Name of the Vulnerable Software and Affected Versions: Omron SYSMAC Nx product family PLCs NJ series, NY series, NX series, and PMAC series through 2022-005-18 Description: The issue is related to the lack of cryptographic authentication in the Omron SYSMAC Nx product family PLCs. This allows an...

9.8CVSS9.5AI score0.00858EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/06/22 12:0 a.m.48 views

Omron SYSMAC CS/CJ/CP Series and NJ/NX Series Cleartext Transmission of Sensitive Information (CVE-2022-31204, CVE-2022-31207)

The device may be vulnerable to flaws related to OT:ICEFALL. These vulnerabilities identify the insecure-by-design nature of OT devices and may not have a clear remediation path. As such, Nessus is unable to test specifically for these vulnerabilities but has identified the device to be one that...

9.8CVSS8AI score0.00858EPSS
Exploits0References5
ICS
ICS
added 2022/05/25 12:0 p.m.45 views

APT Cyber Tools Targeting ICS/SCADA Devices

Summary Actions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-uniqu...

5.5CVSS9.2AI score0.01349EPSS
Exploits1References124
ThreatPost
ThreatPost
added 2022/04/14 3:57 p.m.70 views

Feds: APTs Have Tools That Can Take Over Critical Infrastructure

Threat actors have built and are ready to deploy tools that can take over a number of widely used industrial control system ICS devices, which spells trouble for critical infrastructure providers—particularly those in the energy sector, federal agencies have warned. In a joint advisory, the...

6.1CVSS6AI score0.01349EPSS
Exploits1References6
Rows per page
Query Builder