Details of VAR-202207-0036

ID

VAR-202207-0036

CVE

CVE-2022-33208

TITLE

Multiple vulnerabilities in multiple Omron products

Trust: 0.8

sources: JVNDB: JVNDB-2022-002691

DESCRIPTION

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who can analyze the communication between the affected controller and automation software 'Sysmac Studio' and/or a Programmable Terminal (PT) to access the controller. * Using hardcoded credentials ( CWE-798 ) - CVE-2022-34151 It was * Capture-Replay Authentication evasion by ( CWE-294 ) - CVE-2022-33208 It was * Presence of debug code available ( CWE-489 ) - CVE-2022-33971 This vulnerability information is provided by the developer for the purpose of dissemination to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.The potential impact will vary for each vulnerability, but may include: * Unauthorized access to the controller product by a third party who has obtained authentication information by analyzing the product in advance. - CVE-2022-33208 It was * Disruption of service operation ( DoS ) attacks and malicious programs are executed - CVE-2022-33971. are all products of Japan's Omron (Omron). A remote attacker could exploit this vulnerability to bypass the authentication process

Trust: 1.8

sources: NVD: CVE-2022-33208 // JVNDB: JVNDB-2022-002691 // VULHUB: VHN-426449 // VULMON: CVE-2022-33208

AFFECTED PRODUCTS

vendor:	omron	model:	nx1w-cif01	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-5300	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx1p2-1140dt	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-1520	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx701-1600	scope:	lte	version:	1.28	Trust: 1.0
vendor:	omron	model:	nj501-r520	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-4500	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx102-1000	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-r300	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-4300	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-1500	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-r420	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	na5-15w	scope:	lte	version:	1.15	Trust: 1.0
vendor:	omron	model:	nj501-1420	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj-pd3001	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj101-1020	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx1p2-9024dt1	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj101-9000	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx701-z600	scope:	lte	version:	1.28	Trust: 1.0
vendor:	omron	model:	nx102-1200	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-1300	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	sysmac studio	scope:	lte	version:	1.49	Trust: 1.0
vendor:	omron	model:	nj501-1320	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-r500	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-4310	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx102-1100	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	na5-7w	scope:	lte	version:	1.15	Trust: 1.0
vendor:	omron	model:	nj501-140	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	na5-12w	scope:	lte	version:	1.15	Trust: 1.0
vendor:	omron	model:	nx102-1020	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj301-1100	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj101-1000	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx1w-mab221	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx701-1720	scope:	lte	version:	1.28	Trust: 1.0
vendor:	omron	model:	nx701-z700	scope:	lte	version:	1.28	Trust: 1.0
vendor:	omron	model:	nx701-1620	scope:	lte	version:	1.28	Trust: 1.0
vendor:	omron	model:	nx1w-cif12	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx1p2-1040dt1	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj101-9020	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj301-1200	scope:	lt	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj-pa3001	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx1w-adb21	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-4400	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx102-1220	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx1p2-9024dt	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx1w-cif11	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-4320	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx102-9020	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx1p2-1040dt	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	na5-9w	scope:	lte	version:	1.15	Trust: 1.0
vendor:	omron	model:	nj501-1340	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx102-1120	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-r400	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx1p2-1140dt1	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nj501-r320	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx1w-dab21v	scope:	lte	version:	1.48	Trust: 1.0
vendor:	omron	model:	nx701-1700	scope:	lte	version:	1.28	Trust: 1.0
vendor:	オムロン株式会社	model:	オートメーションソフトウェア sysmac studio	scope:	-	version:	-	Trust: 0.8
vendor:	オムロン株式会社	model:	プログラマブルターミナル na シリーズ	scope:	-	version:	-	Trust: 0.8
vendor:	オムロン株式会社	model:	マシンオートメーションコントローラ nx シリーズ	scope:	-	version:	-	Trust: 0.8
vendor:	オムロン株式会社	model:	マシンオートメーションコントローラ nj シリーズ	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-002691 // NVD: CVE-2022-33208

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-33208
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2022-002691
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202207-355
value:	HIGH
Trust: 0.6
VULHUB:	VHN-426449
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2022-33208
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-33208
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-426449
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-33208
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2022-002691
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-426449 // VULMON: CVE-2022-33208 // JVNDB: JVNDB-2022-002691 // CNNVD: CNNVD-202207-355 // NVD: CVE-2022-33208

PROBLEMTYPE DATA

problemtype:	CWE-294	Trust: 1.1
problemtype:	Capture-replay authentication evasion by (CWE-294) [ others ]	Trust: 0.8
problemtype:	debug code in active state (CWE-489) [ others ]	Trust: 0.8
problemtype:	Use hard-coded credentials (CWE-798) [ others ]	Trust: 0.8

sources: VULHUB: VHN-426449 // JVNDB: JVNDB-2022-002691 // NVD: CVE-2022-33208

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202207-355

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202207-355

PATCH

title:	machine automation controller NJ/NX Authentication Bypass Vulnerability in Communication Function of Series Omron Corporation	url:	https://www.fa.omron.co.jp/product/vulnerability/OMSR-2022-001_ja.pdf	Trust: 0.8
title:	Multiple Omron Product security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=200205	Trust: 0.6

sources: JVNDB: JVNDB-2022-002691 // CNNVD: CNNVD-202207-355

EXTERNAL IDS

db:	NVD	id:	CVE-2022-33208	Trust: 3.4
db:	JVN	id:	JVNVU97050784	Trust: 2.6
db:	JVNDB	id:	JVNDB-2022-002691	Trust: 1.4
db:	USCERT	id:	AA22-103A	Trust: 0.8
db:	CNNVD	id:	CNNVD-202207-355	Trust: 0.7
db:	CS-HELP	id:	SB2022070405	Trust: 0.6
db:	VULHUB	id:	VHN-426449	Trust: 0.1
db:	VULMON	id:	CVE-2022-33208	Trust: 0.1

sources: VULHUB: VHN-426449 // VULMON: CVE-2022-33208 // JVNDB: JVNDB-2022-002691 // CNNVD: CNNVD-202207-355 // NVD: CVE-2022-33208

REFERENCES

url:	https://jvn.jp/en/vu/jvnvu97050784/index.html	Trust: 1.8
url:	https://www.ia.omron.com/product/vulnerability/omsr-2022-001_en.pdf	Trust: 1.8
url:	https://jvn.jp/vu/jvnvu97050784/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-34151	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-33208	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-33971	Trust: 0.8
url:	https://www.cisa.gov/uscert/ncas/alerts/aa22-103a	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2022070405	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-33208/	Trust: 0.6
url:	https://jvndb.jvn.jp/en/contents/2022/jvndb-2022-002691.html	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/294.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-426449 // VULMON: CVE-2022-33208 // JVNDB: JVNDB-2022-002691 // CNNVD: CNNVD-202207-355 // NVD: CVE-2022-33208

SOURCES

db:	VULHUB	id:	VHN-426449
db:	VULMON	id:	CVE-2022-33208
db:	JVNDB	id:	JVNDB-2022-002691
db:	CNNVD	id:	CNNVD-202207-355
db:	NVD	id:	CVE-2022-33208

LAST UPDATE DATE

2024-08-14T14:49:43.088000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-426449	date:	2022-07-15T00:00:00
db:	VULMON	id:	CVE-2022-33208	date:	2022-07-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-002691	date:	2022-11-09T08:53:00
db:	CNNVD	id:	CNNVD-202207-355	date:	2022-11-10T00:00:00
db:	NVD	id:	CVE-2022-33208	date:	2022-07-15T17:06:55.383

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-426449	date:	2022-07-04T00:00:00
db:	VULMON	id:	CVE-2022-33208	date:	2022-07-04T00:00:00
db:	JVNDB	id:	JVNDB-2022-002691	date:	2022-11-09T00:00:00
db:	CNNVD	id:	CNNVD-202207-355	date:	2022-07-04T00:00:00
db:	NVD	id:	CVE-2022-33208	date:	2022-07-04T02:15:07.570