gsd-2022-45790
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-45790",
"id": "GSD-2022-45790"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-45790"
],
"details": "The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic.",
"id": "GSD-2022-45790",
"modified": "2023-12-13T01:19:24.656175Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "ot-cert@dragos.com",
"ID": "CVE-2022-45790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CJ-series and CS-series CPU modules",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "CJ2H 0.0",
"version_value": "1.5"
},
{
"version_affected": "\u003c",
"version_name": "CJ2M 0.0",
"version_value": "2.1"
},
{
"version_affected": "\u003c",
"version_name": "CJ1G 0.0",
"version_value": "4.1"
},
{
"version_affected": "\u003c",
"version_name": "CS1H 0.0",
"version_value": "4.1"
},
{
"version_affected": "\u003c",
"version_name": "CS1G 0.0",
"version_value": "4.1"
},
{
"version_affected": "\u003c",
"version_name": "CS1D-H 0.0",
"version_value": "1.4"
},
{
"version_affected": "\u003c",
"version_name": "CP1E-E 0.0",
"version_value": "1.3"
},
{
"version_affected": "\u003c",
"version_name": "CP1E-N 0.0",
"version_value": "1.3"
},
{
"version_affected": "\u003c",
"version_name": "CS1D-P 0.0",
"version_value": "1.4"
}
]
}
}
]
},
"vendor_name": "Omron"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic."
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-307",
"lang": "eng",
"value": "CWE-307 Improper Restriction of Excessive Authentication Attempts"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05",
"refsource": "MISC",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05"
},
{
"name": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf",
"refsource": "MISC",
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf"
},
{
"name": "https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/",
"refsource": "MISC",
"url": "https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj1g-cpu45p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA67863-FC31-458A-8AD5-792A28922C4A",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj1g-cpu45p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "109CFDF4-B86B-44BC-88CC-D427EAF0730F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj1g-cpu45p-gtc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD21DC8-93C4-4E98-88FA-C107207F19E6",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj1g-cpu45p-gtc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A08BE49-AD7A-497D-B1C5-351502BEF352",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj1g-cpu44p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC632D7A-DAD4-47B6-95E4-AF4ACBE46BA3",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj1g-cpu44p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DD36CBD-E14D-4119-B956-56C035D41988",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj1g-cpu43p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC8780E9-379B-421A-A1AF-9E75BB071956",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj1g-cpu43p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA30DF7-E2FA-4FF9-B481-ADFD555D17E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj1g-cpu42p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59BFE129-33E3-4074-8635-39E721D2B538",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj1g-cpu42p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B79E804-9FCC-4EB5-97E5-DBCFB17D303D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cp1e-e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3207ED30-C2E5-4F2F-9F11-BDA3234BE08F",
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cp1e-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DB26677-9FBC-47F7-9AE0-B81D324144D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cp1e-n_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E956A16D-A1A8-482F-AB83-50CD94621974",
"versionEndExcluding": "1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cp1e-n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6508C8DD-98BE-4345-AB61-0921029C77BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu68_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "808A5522-4334-4047-BDB4-5D8F069D2619",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu68:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE3CB2E-33A8-412F-8BA3-2EFE6680ADA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu67_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C543E-C347-409A-950F-E0D1780A0EAB",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu67:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34974C09-BD68-470A-9E98-5E4B69F9D0AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu66_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3DF59C-AFB2-46C4-A527-EB6C25BD98F2",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu66:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F41E672-1296-43F6-A620-F8D62C01F134",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu65_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB73A3B1-F169-4759-B201-76F5F01FE47F",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu65:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1909B984-6D2B-44A7-AA8E-6619127C17DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu64_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98D2ABC2-D7F4-484E-AB4A-8C966AB58BD4",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5C57458-F47E-4780-90E4-917A43E30642",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu68-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23C13393-3FAE-417F-832C-06C7AF2BE6EF",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu68-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B08AA4C-6F83-4387-A5FD-F49C54D9545F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu67-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6ECE670-AE37-49DC-AFAC-D0331DF0F969",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu67-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4530B900-322D-4B9E-AA34-D63CA546190A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu66-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C04B80AE-5FF4-49D1-ACEB-07C29D334B9F",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu66-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51114B75-A8DD-49F4-8AC3-BA46C1D4F89C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu65-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CE4DB2-D18F-43BE-9D1D-0B359AFB6EEF",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu65-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "871B2A06-6AAC-43DF-AF1A-848E9C804016",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2h-cpu64-eip_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A7D8717-DF20-4564-BA47-166C647E06DD",
"versionEndExcluding": "1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2h-cpu64-eip:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2D2A32-4326-4357-A400-EA26B362D821",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu35_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B252C48-FBA0-47B6-8EB4-9F6932CCC065",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu35:-:*:*:*:*:*:*:*",
"matchCriteriaId": "603BAD60-89F1-4EE9-8413-F301DFC91AFF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu34_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AFD9940-1757-4CCD-80E6-5D7B6EC678D7",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu34:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37C6982F-75F4-497B-8BF9-DC683304B43D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu33_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE6EB28C-1B93-452F-8E42-DE77DC1C8F33",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu33:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED8CAFA-62BB-4AC9-BAEF-C1FD50F57B1F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu32_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "982460E1-D03C-42C6-BB4B-985974AB794C",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD09E48C-5395-418F-8542-B0C00721CF97",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu31_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94DDE27E-5F33-4CEA-BC34-5A0239714833",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu31:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B09D3A-E765-46FE-8EAF-9A2FCFA42947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu15_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23EEED8D-1C2D-487E-B30A-68CF4B74808C",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu15:-:*:*:*:*:*:*:*",
"matchCriteriaId": "812A58CD-8DF2-4917-8AF7-2175A03CAFCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu14_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFB2B0B-BA1C-469C-A71D-CA943454CC48",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu14:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B928D93E-8AEF-4C3F-B7FD-16FFB657D933",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu13_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BC38766-0B79-49B5-AC4A-E3EB42D067F1",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu13:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC3CAE2B-2362-4BBF-B584-843BEA486724",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "753970E2-A4F3-473D-B2B7-B4313D42756A",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA72EEB-2592-4E9E-BDDE-553A6A5A1CE6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-cpu11_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DFF3629-1FE4-4F73-8B6C-590A0F649D45",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-cpu11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60CF6C18-6757-4597-848C-084A3AB4B75A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-md211_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62865D17-8B09-4A1A-8FC5-E7C6C2CCEB0C",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-md211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5CD1EAA-8BA1-4345-B24C-B25BFDE7EB3F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cj2m-md212_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE8E41C-1DEE-4F8F-9F55-DC1C4D24E8E6",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cj2m-md212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "929D4420-5251-4194-AC7B-B01C0B69D6EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu67s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8378EF77-5D90-47F9-874E-FC34ECBD99BE",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu67s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7EEE2E5-D01B-40EF-9719-FAC0F4FCDD1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu65s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D704B88E-BAAA-453A-9809-0811EAE0CD59",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu65s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "924008B4-DB07-4BD8-BF9B-B79BA43CCA6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu44s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A246336D-EF1F-4F83-B56F-E01FA328F45C",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu44s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA01BFBD-F9F4-40EB-A4B9-3666F3631BE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu42s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1585EE13-016E-4AB5-8CFC-6CD3B427CC65",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu42s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA03735-670C-4E7A-9404-EB4E9CA81513",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu65p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F84828C0-E246-404D-A34C-4842EC380D56",
"versionEndExcluding": "1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu65p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38224CF8-2691-442D-8F5A-2810F422672A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu67p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07297C1B-F842-4DB9-987B-27321DC7F835",
"versionEndExcluding": "1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu67p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A59B88E-8866-4387-BA8F-40B2B3FD9155",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu67h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "255D62C4-59E1-4BFE-8ABF-772D0EF40F87",
"versionEndExcluding": "1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu67h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6545-B97B-48F8-8741-A3196ED7B7BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1d-cpu65h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20E75486-EE1B-4156-9C4A-1C3E03C8D8A0",
"versionEndExcluding": "1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1d-cpu65h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43AC4B2B-6ACE-41FB-8B8B-C7FE5E893C71",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1h-cpu67h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22594DFA-EC3E-4B6F-ACA7-1096E456A3CE",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1h-cpu67h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79B58E8E-5CDA-4170-9B7C-56CBBC272C6B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1h-cpu66h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FEEBDB-C613-4BDD-A17C-D60C819C4072",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1h-cpu66h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0ED33F2-A78A-4F1F-8A76-E8F626EAEC2D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1h-cpu65h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CC9B70-630C-4D1A-9067-ECE6B89750E8",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1h-cpu65h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68DF2CCE-355A-4336-B412-42439CF4E26F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1h-cpu64h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "189CCAEC-29D2-486E-9A23-8025E6CC584B",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1h-cpu64h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F21E5D96-B125-4A25-93DE-A1C51EDB8EDB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1h-cpu63h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "231731D4-D5A6-46FD-BFBE-55BD36223D00",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1h-cpu63h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "001FD433-8F6F-4C61-A455-AB331EA77138",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1g-cpu45h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97DFF02C-4C9D-41A9-AE85-EA93157D9AEB",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1g-cpu45h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A259E70-14D8-4F02-8010-5CCDF1824901",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1g-cpu44h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "480F37B2-88FD-44CB-BB6C-E1A988866473",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1g-cpu44h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA7CA6B-0F47-46B7-B3AD-AE715FEA3879",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1g-cpu43h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F07852CE-C47A-4F96-A59F-5B8B2F758076",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1g-cpu43h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84076537-1FAD-4AC2-8B7A-241162E60F60",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:cs1g-cpu42h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AE8B4FF-0F15-4599-B36A-148944586CDE",
"versionEndExcluding": "4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:cs1g-cpu42h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84973088-08D4-455F-8FFD-208888EB726C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic."
},
{
"lang": "es",
"value": "El protocolo Omron FINS tiene una funci\u00f3n autenticada para evitar el acceso a regiones de memoria. La autenticaci\u00f3n es susceptible a ataques de fuerza bruta, lo que puede permitir que un adversario obtenga acceso a la memoria protegida. Este acceso puede permitir la sobrescritura de valores, incluida la l\u00f3gica programada."
}
],
"id": "CVE-2022-45790",
"lastModified": "2024-01-29T16:37:48.967",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ot-cert@dragos.com",
"type": "Secondary"
}
]
},
"published": "2024-01-22T18:15:19.497",
"references": [
{
"source": "ot-cert@dragos.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05"
},
{
"source": "ot-cert@dragos.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/"
},
{
"source": "ot-cert@dragos.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf"
}
],
"sourceIdentifier": "ot-cert@dragos.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "ot-cert@dragos.com",
"type": "Secondary"
}
]
}
}
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.