Search criteria
3 vulnerabilities found for cs1d-cpu65p_firmware by omron
FKIE_CVE-2022-45790
Vulnerability from fkie_nvd - Published: 2024-01-22 18:15 - Updated: 2024-11-21 07:29
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic.
References
| URL | Tags | ||
|---|---|---|---|
| ot-cert@dragos.com | https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05 | Third Party Advisory, US Government Resource | |
| ot-cert@dragos.com | https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/ | Third Party Advisory | |
| ot-cert@dragos.com | https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj1g-cpu45p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA67863-FC31-458A-8AD5-792A28922C4A",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj1g-cpu45p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "109CFDF4-B86B-44BC-88CC-D427EAF0730F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj1g-cpu45p-gtc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD21DC8-93C4-4E98-88FA-C107207F19E6",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj1g-cpu45p-gtc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A08BE49-AD7A-497D-B1C5-351502BEF352",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj1g-cpu44p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC632D7A-DAD4-47B6-95E4-AF4ACBE46BA3",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj1g-cpu44p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD36CBD-E14D-4119-B956-56C035D41988",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj1g-cpu43p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC8780E9-379B-421A-A1AF-9E75BB071956",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj1g-cpu43p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA30DF7-E2FA-4FF9-B481-ADFD555D17E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj1g-cpu42p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59BFE129-33E3-4074-8635-39E721D2B538",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj1g-cpu42p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B79E804-9FCC-4EB5-97E5-DBCFB17D303D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cp1e-e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3207ED30-C2E5-4F2F-9F11-BDA3234BE08F",
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cp1e-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DB26677-9FBC-47F7-9AE0-B81D324144D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cp1e-n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E956A16D-A1A8-482F-AB83-50CD94621974",
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cp1e-n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6508C8DD-98BE-4345-AB61-0921029C77BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu68_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "808A5522-4334-4047-BDB4-5D8F069D2619",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu68:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE3CB2E-33A8-412F-8BA3-2EFE6680ADA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu67_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C543E-C347-409A-950F-E0D1780A0EAB",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu67:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34974C09-BD68-470A-9E98-5E4B69F9D0AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu66_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3DF59C-AFB2-46C4-A527-EB6C25BD98F2",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu66:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F41E672-1296-43F6-A620-F8D62C01F134",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu65_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB73A3B1-F169-4759-B201-76F5F01FE47F",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu65:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1909B984-6D2B-44A7-AA8E-6619127C17DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu64_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98D2ABC2-D7F4-484E-AB4A-8C966AB58BD4",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C57458-F47E-4780-90E4-917A43E30642",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu68-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23C13393-3FAE-417F-832C-06C7AF2BE6EF",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu68-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B08AA4C-6F83-4387-A5FD-F49C54D9545F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu67-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6ECE670-AE37-49DC-AFAC-D0331DF0F969",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu67-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4530B900-322D-4B9E-AA34-D63CA546190A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu66-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C04B80AE-5FF4-49D1-ACEB-07C29D334B9F",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu66-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51114B75-A8DD-49F4-8AC3-BA46C1D4F89C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu65-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CE4DB2-D18F-43BE-9D1D-0B359AFB6EEF",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu65-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "871B2A06-6AAC-43DF-AF1A-848E9C804016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu64-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A7D8717-DF20-4564-BA47-166C647E06DD",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu64-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2D2A32-4326-4357-A400-EA26B362D821",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu35_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B252C48-FBA0-47B6-8EB4-9F6932CCC065",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu35:-:*:*:*:*:*:*:*",
"matchCriteriaId": "603BAD60-89F1-4EE9-8413-F301DFC91AFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu34_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AFD9940-1757-4CCD-80E6-5D7B6EC678D7",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu34:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37C6982F-75F4-497B-8BF9-DC683304B43D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu33_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE6EB28C-1B93-452F-8E42-DE77DC1C8F33",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu33:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED8CAFA-62BB-4AC9-BAEF-C1FD50F57B1F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu32_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "982460E1-D03C-42C6-BB4B-985974AB794C",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD09E48C-5395-418F-8542-B0C00721CF97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94DDE27E-5F33-4CEA-BC34-5A0239714833",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B09D3A-E765-46FE-8EAF-9A2FCFA42947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu15_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23EEED8D-1C2D-487E-B30A-68CF4B74808C",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "812A58CD-8DF2-4917-8AF7-2175A03CAFCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFB2B0B-BA1C-469C-A71D-CA943454CC48",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B928D93E-8AEF-4C3F-B7FD-16FFB657D933",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu13_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BC38766-0B79-49B5-AC4A-E3EB42D067F1",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC3CAE2B-2362-4BBF-B584-843BEA486724",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "753970E2-A4F3-473D-B2B7-B4313D42756A",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA72EEB-2592-4E9E-BDDE-553A6A5A1CE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu11_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DFF3629-1FE4-4F73-8B6C-590A0F649D45",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60CF6C18-6757-4597-848C-084A3AB4B75A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-md211_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62865D17-8B09-4A1A-8FC5-E7C6C2CCEB0C",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-md211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5CD1EAA-8BA1-4345-B24C-B25BFDE7EB3F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-md212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE8E41C-1DEE-4F8F-9F55-DC1C4D24E8E6",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-md212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "929D4420-5251-4194-AC7B-B01C0B69D6EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu67s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8378EF77-5D90-47F9-874E-FC34ECBD99BE",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu67s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7EEE2E5-D01B-40EF-9719-FAC0F4FCDD1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu65s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D704B88E-BAAA-453A-9809-0811EAE0CD59",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu65s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "924008B4-DB07-4BD8-BF9B-B79BA43CCA6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu44s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A246336D-EF1F-4F83-B56F-E01FA328F45C",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu44s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA01BFBD-F9F4-40EB-A4B9-3666F3631BE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu42s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1585EE13-016E-4AB5-8CFC-6CD3B427CC65",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu42s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA03735-670C-4E7A-9404-EB4E9CA81513",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu65p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F84828C0-E246-404D-A34C-4842EC380D56",
"versionEndExcluding": "1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu65p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38224CF8-2691-442D-8F5A-2810F422672A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu67p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07297C1B-F842-4DB9-987B-27321DC7F835",
"versionEndExcluding": "1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu67p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A59B88E-8866-4387-BA8F-40B2B3FD9155",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu67h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "255D62C4-59E1-4BFE-8ABF-772D0EF40F87",
"versionEndExcluding": "1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu67h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6545-B97B-48F8-8741-A3196ED7B7BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu65h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20E75486-EE1B-4156-9C4A-1C3E03C8D8A0",
"versionEndExcluding": "1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu65h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43AC4B2B-6ACE-41FB-8B8B-C7FE5E893C71",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1h-cpu67h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22594DFA-EC3E-4B6F-ACA7-1096E456A3CE",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1h-cpu67h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79B58E8E-5CDA-4170-9B7C-56CBBC272C6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1h-cpu66h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FEEBDB-C613-4BDD-A17C-D60C819C4072",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1h-cpu66h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0ED33F2-A78A-4F1F-8A76-E8F626EAEC2D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1h-cpu65h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CC9B70-630C-4D1A-9067-ECE6B89750E8",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1h-cpu65h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68DF2CCE-355A-4336-B412-42439CF4E26F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1h-cpu64h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "189CCAEC-29D2-486E-9A23-8025E6CC584B",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1h-cpu64h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F21E5D96-B125-4A25-93DE-A1C51EDB8EDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1h-cpu63h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "231731D4-D5A6-46FD-BFBE-55BD36223D00",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1h-cpu63h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "001FD433-8F6F-4C61-A455-AB331EA77138",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1g-cpu45h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97DFF02C-4C9D-41A9-AE85-EA93157D9AEB",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1g-cpu45h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A259E70-14D8-4F02-8010-5CCDF1824901",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1g-cpu44h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "480F37B2-88FD-44CB-BB6C-E1A988866473",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1g-cpu44h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA7CA6B-0F47-46B7-B3AD-AE715FEA3879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1g-cpu43h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F07852CE-C47A-4F96-A59F-5B8B2F758076",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1g-cpu43h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84076537-1FAD-4AC2-8B7A-241162E60F60",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1g-cpu42h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AE8B4FF-0F15-4599-B36A-148944586CDE",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1g-cpu42h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84973088-08D4-455F-8FFD-208888EB726C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic."
},
{
"lang": "es",
"value": "El protocolo Omron FINS tiene una funci\u00f3n autenticada para evitar el acceso a regiones de memoria. La autenticaci\u00f3n es susceptible a ataques de fuerza bruta, lo que puede permitir que un adversario obtenga acceso a la memoria protegida. Este acceso puede permitir la sobrescritura de valores, incluida la l\u00f3gica programada."
}
],
"id": "CVE-2022-45790",
"lastModified": "2024-11-21T07:29:43.447",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ot-cert@dragos.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-22T18:15:19.497",
"references": [
{
"source": "ot-cert@dragos.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05"
},
{
"source": "ot-cert@dragos.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/"
},
{
"source": "ot-cert@dragos.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf"
}
],
"sourceIdentifier": "ot-cert@dragos.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "ot-cert@dragos.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-45790 (GCVE-0-2022-45790)
Vulnerability from cvelistv5 – Published: 2024-01-22 17:22 – Updated: 2024-11-13 16:53
VLAI?
Summary
The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic.
Severity ?
8.6 (High)
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Omron | CJ-series and CS-series CPU modules |
Affected:
CJ2H 0.0 , < 1.5
(custom)
Affected: CJ2M 0.0 , < 2.1 (custom) Affected: CJ1G 0.0 , < 4.1 (custom) Affected: CS1H 0.0 , < 4.1 (custom) Affected: CS1G 0.0 , < 4.1 (custom) Affected: CS1D-H 0.0 , < 1.4 (custom) Affected: CP1E-E 0.0 , < 1.3 (custom) Affected: CP1E-N 0.0 , < 1.3 (custom) Affected: CS1D-P 0.0 , < 1.4 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:17:04.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-45790",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-25T20:23:52.957365Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T16:53:38.204Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CJ-series and CS-series CPU modules",
"vendor": "Omron",
"versions": [
{
"lessThan": "1.5",
"status": "affected",
"version": "CJ2H 0.0",
"versionType": "custom"
},
{
"lessThan": "2.1",
"status": "affected",
"version": "CJ2M 0.0",
"versionType": "custom"
},
{
"lessThan": "4.1",
"status": "affected",
"version": "CJ1G 0.0",
"versionType": "custom"
},
{
"lessThan": "4.1",
"status": "affected",
"version": "CS1H 0.0",
"versionType": "custom"
},
{
"lessThan": "4.1",
"status": "affected",
"version": "CS1G 0.0",
"versionType": "custom"
},
{
"lessThan": "1.4",
"status": "affected",
"version": "CS1D-H 0.0",
"versionType": "custom"
},
{
"lessThan": "1.3",
"status": "affected",
"version": "CP1E-E 0.0",
"versionType": "custom"
},
{
"lessThan": "1.3",
"status": "affected",
"version": "CP1E-N 0.0",
"versionType": "custom"
},
{
"lessThan": "1.4",
"status": "affected",
"version": "CS1D-P 0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic."
}
],
"value": "The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic."
}
],
"impacts": [
{
"capecId": "CAPEC-629",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-629 Unauthorized Use of Device Resources"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-22T17:22:14.476Z",
"orgId": "12bdf821-1545-4a87-aac5-61670cc6fcef",
"shortName": "Dragos"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05"
},
{
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf"
},
{
"url": "https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Omron FINS memory protection susceptible to bruteforce",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "12bdf821-1545-4a87-aac5-61670cc6fcef",
"assignerShortName": "Dragos",
"cveId": "CVE-2022-45790",
"datePublished": "2024-01-22T17:22:14.476Z",
"dateReserved": "2022-11-22T17:52:43.198Z",
"dateUpdated": "2024-11-13T16:53:38.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-45790 (GCVE-0-2022-45790)
Vulnerability from nvd – Published: 2024-01-22 17:22 – Updated: 2024-11-13 16:53
VLAI?
Summary
The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic.
Severity ?
8.6 (High)
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Omron | CJ-series and CS-series CPU modules |
Affected:
CJ2H 0.0 , < 1.5
(custom)
Affected: CJ2M 0.0 , < 2.1 (custom) Affected: CJ1G 0.0 , < 4.1 (custom) Affected: CS1H 0.0 , < 4.1 (custom) Affected: CS1G 0.0 , < 4.1 (custom) Affected: CS1D-H 0.0 , < 1.4 (custom) Affected: CP1E-E 0.0 , < 1.3 (custom) Affected: CP1E-N 0.0 , < 1.3 (custom) Affected: CS1D-P 0.0 , < 1.4 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:17:04.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-45790",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-25T20:23:52.957365Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T16:53:38.204Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CJ-series and CS-series CPU modules",
"vendor": "Omron",
"versions": [
{
"lessThan": "1.5",
"status": "affected",
"version": "CJ2H 0.0",
"versionType": "custom"
},
{
"lessThan": "2.1",
"status": "affected",
"version": "CJ2M 0.0",
"versionType": "custom"
},
{
"lessThan": "4.1",
"status": "affected",
"version": "CJ1G 0.0",
"versionType": "custom"
},
{
"lessThan": "4.1",
"status": "affected",
"version": "CS1H 0.0",
"versionType": "custom"
},
{
"lessThan": "4.1",
"status": "affected",
"version": "CS1G 0.0",
"versionType": "custom"
},
{
"lessThan": "1.4",
"status": "affected",
"version": "CS1D-H 0.0",
"versionType": "custom"
},
{
"lessThan": "1.3",
"status": "affected",
"version": "CP1E-E 0.0",
"versionType": "custom"
},
{
"lessThan": "1.3",
"status": "affected",
"version": "CP1E-N 0.0",
"versionType": "custom"
},
{
"lessThan": "1.4",
"status": "affected",
"version": "CS1D-P 0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic."
}
],
"value": "The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic."
}
],
"impacts": [
{
"capecId": "CAPEC-629",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-629 Unauthorized Use of Device Resources"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-22T17:22:14.476Z",
"orgId": "12bdf821-1545-4a87-aac5-61670cc6fcef",
"shortName": "Dragos"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05"
},
{
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf"
},
{
"url": "https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Omron FINS memory protection susceptible to bruteforce",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "12bdf821-1545-4a87-aac5-61670cc6fcef",
"assignerShortName": "Dragos",
"cveId": "CVE-2022-45790",
"datePublished": "2024-01-22T17:22:14.476Z",
"dateReserved": "2022-11-22T17:52:43.198Z",
"dateUpdated": "2024-11-13T16:53:38.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}