Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-34151
Vulnerability from cvelistv5
Published
2022-07-04 01:51
Modified
2024-08-03 08:16
Severity ?
EPSS score ?
Summary
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | https://jvn.jp/en/vu/JVNVU97050784/index.html | Third Party Advisory, VDB Entry | |
| vultures@jpcert.or.jp | https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/vu/JVNVU97050784/index.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OMRON Corporation | Machine automation controller NJ series, Machine automation controller NX series, Automation software 'Sysmac Studio', and Programmable Terminal (PT) NA series |
Version: Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:16:17.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU97050784/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Machine automation controller NJ series, Machine automation controller NX series, Automation software \u0027Sysmac Studio\u0027, and Programmable Terminal (PT) NA series",
"vendor": "OMRON Corporation",
"versions": [
{
"status": "affected",
"version": "Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-04T02:25:19",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/vu/JVNVU97050784/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-34151",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Machine automation controller NJ series, Machine automation controller NX series, Automation software \u0027Sysmac Studio\u0027, and Programmable Terminal (PT) NA series",
"version": {
"version_data": [
{
"version_value": "Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier"
}
]
}
}
]
},
"vendor_name": "OMRON Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf",
"refsource": "MISC",
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
},
{
"name": "https://jvn.jp/en/vu/JVNVU97050784/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/vu/JVNVU97050784/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-34151",
"datePublished": "2022-07-04T01:51:00",
"dateReserved": "2022-06-21T00:00:00",
"dateUpdated": "2024-08-03T08:16:17.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-34151\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2022-07-04T02:15:07.727\",\"lastModified\":\"2024-11-21T07:08:57.393\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad de uso de credenciales embebidas en el controlador de automatizaci\u00f3n de M\u00e1quinas serie NJ todos los modelos Versiones 1.48 y anteriores, el controlador de automatizaci\u00f3n de M\u00e1quinas serie NX7 todos los modelos Versiones 1.28 y anteriores, el controlador de automatizaci\u00f3n de M\u00e1quinas serie NX1 todos los modelos Versiones 1.48 y anteriores, el software de automatizaci\u00f3n \\\"Sysmac Studio\\\" todos los modelos Versiones 1. 49 y anteriores, y Terminal programable (PT) serie NA5-15W/NA5-12W/NA5-9W/NA5-7W modelos Runtime Versiones 1.15 y anteriores, lo que puede permitir a un atacante remoto que haya obtenido con \u00e9xito las credenciales de usuario mediante el an\u00e1lisis del producto afectado acceder al controlador\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx701-1600_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.28\",\"matchCriteriaId\":\"C32C9A6D-2AF6-4005-AD33-E54B2726A769\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx701-1600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A613C260-184B-4131-B2EC-656D8322F86B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx701-1700_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.28\",\"matchCriteriaId\":\"929C2ED9-5BBD-4585-A95F-A3C5F12C5376\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx701-1700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"753A218D-C738-42E5-B523-ED7CACCAEC82\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx701-z700_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.28\",\"matchCriteriaId\":\"B87C2BC4-8CDE-42CA-B0D3-EEBEAD0BCECF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx701-z700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36F25E10-A76C-4A16-B72B-4B9E572EDBAB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx701-z600_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.28\",\"matchCriteriaId\":\"586D8ACC-BD51-403C-AAF6-55392741D582\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx701-z600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90B7C106-4C14-4C0A-BA78-9A3DD63EF576\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx701-1720_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.28\",\"matchCriteriaId\":\"67236B5C-8045-4413-8767-1F0904EF6E7F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx701-1720:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2434BE7E-3E5D-48A9-838C-BCC6055135F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx701-1620_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.28\",\"matchCriteriaId\":\"1805212B-75E3-4443-A7D4-B889EA53721A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx701-1620:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"210D7FA7-18A3-45B7-976B-9DEDC59294C7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx102-1200_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"91116EDD-1D61-4D78-9367-C78E80E85BE3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx102-1200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8A6528B-2160-4CE4-88B2-EC69DB5797B4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx102-1100_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"EEA800B1-6E43-45C8-833E-744831490B98\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx102-1100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1E68759-07B1-4F7B-8EF8-0429C8CFCAAF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx102-1000_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"509A80E2-0FE2-4E65-A276-351953EA403D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx102-1000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D01F33E2-E10C-4B3F-9326-7022924423DB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx102-1220_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"D3A572C4-8EDA-4A4D-9358-9E2313F9D71A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx102-1220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE463BB1-BE67-4D80-8FE7-85F960945AF5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx102-1120_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"960BC2F9-7B36-419A-BEF6-1895666422A2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx102-1120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E72347A8-8725-4DAB-9D2C-609072A4E904\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx102-1020_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"E2F70AA8-7DB0-415F-AB71-4F527E930C56\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx102-1020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1A91E22-8F08-4470-BC4A-14D25A827607\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx102-9020_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"644FC209-89BD-46E5-BD08-1A9518200AF4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx102-9020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34CE73C8-BF67-4BC3-81B2-275393441C91\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1p2-1140dt_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"53B955C2-94EE-4C9A-9858-B38AF619640A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1p2-1140dt:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFF59B0A-C08C-4D56-B301-631DD155BEF4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1p2-1140dt1_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"B73A630B-5A24-459F-80E5-E88C0D3C04BD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1p2-1140dt1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63EEFB13-8B20-4A42-8511-98C4C8E045FA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1p2-1040dt_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"29BDE27D-6AFE-459A-B368-4D59BF2112EB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1p2-1040dt:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7EF898A-8273-4044-8F4B-B2082294749F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1p2-1040dt1_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"CD05B298-12C5-48B7-814D-62CA3DD6623A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1p2-1040dt1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8DD457B-3E36-4C10-B34F-21CD0B931459\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1p2-9024dt_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"5C0048B2-460B-4795-A23F-B83EC8830900\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1p2-9024dt:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B1E7DBC-6211-4503-9154-D0BD0FA3BE95\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1p2-9024dt1_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"BB34E3A4-B7AF-461F-BA78-48C496B064D6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1p2-9024dt1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F193D7DE-97C1-4883-871D-78AC7FCB9B14\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1w-cif01_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"D2279FB9-11F5-4846-92C9-C657E36D7B02\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1w-cif01:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9E45E4A-447D-4DE9-AC15-50BD2DEC5AAB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1w-cif11_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"0E1F7962-856D-4C94-A3FE-A14591B5B982\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1w-cif11:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA6772B4-5B9D-4642-9DA6-5595C92895C4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1w-cif12_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"60836E6B-91EC-44A7-8FFF-535A32A83986\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1w-cif12:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD3B3071-1C48-4AD0-9C82-59A16F52944D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1w-adb21_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"92D1E782-1625-41E0-81C2-F247628B1081\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1w-adb21:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"148C75FA-08F5-401A-B4E9-989ED80AF3EC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1w-dab21v_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"7E6F2CDD-7D0F-480E-9925-8A6F2B1D2825\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1w-dab21v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA779FC7-7C37-411C-BFD3-EE9B87E8D861\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nx1w-mab221_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"F88219CC-5788-4B68-95C7-1D6746CCF5C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nx1w-mab221:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48E3688A-B3EE-441E-A16A-52FC683D4F1D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-1500_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"03C70E33-A661-4974-A0D4-935C6EE1CB7A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD281699-D123-4301-9EDF-4BE249E24FF8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-140_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"B4A80DE2-ECC9-4B35-B999-57573D386581\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-140:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4824951-49CB-4E85-A736-28A72C514FB3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-1300_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"AD94505F-4294-4BF2-8A2F-13FC419D3D96\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-1300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2917E7F0-DAA8-4D3B-A5E4-FB0ACAEF02C5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-r500_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"E01A5FE5-B310-4C46-93FB-A6A8B492E179\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-r500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A1BA508-3DBE-46C4-B72C-312AC3403C27\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-r520_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"CDEDFECF-1490-4B47-BD5A-54F560C80CF4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-r520:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36BDD615-7933-4EF5-B2E5-68EB4FA776B7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-r400_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"B8FB4EB9-6E39-423B-84EF-B97698F896F0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-r400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A453709-E9EE-4DD8-8638-04752B9DFB0C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-r420_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"BD6DAE59-9863-44EE-97CC-503B980FB9AA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-r420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C264C95F-F8CE-4EC1-B5A5-71998F0A75C3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-r300_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"1B4F9EF2-6C73-40AA-AF3B-BCCDFAF92E0A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-r300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8A4809E-770F-4D7B-A532-37160D8A3943\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-r320_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"84C41F6C-7B86-4823-8214-9C244283C3AE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-r320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32E135F9-CB75-49AF-B7C3-25E8EA3AB991\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-5300_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"6A1EC714-602B-4946-9857-EA601CEE8504\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-5300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FEF30DD-FCF0-499E-B5C2-4184C9A7E9D8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-1520_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"2BA40F4B-9EA2-416C-876C-714927FF9F32\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-1520:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBBE1648-D428-4A43-831D-AB3AF3F05739\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-1420_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"F22BED01-FC93-49D6-8623-053EE4327EAB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-1420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"148C6AE8-1480-4822-8E0B-1E8575246878\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-1320_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"56A035E5-FBAD-44D1-879E-9C4062DF02B4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-1320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69D21068-A51D-48B2-BF17-68BC61737EBC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj101-1020_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"D7E91BEB-06D4-4B01-8BC6-B252F299EBB0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj101-1020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A75CF5D-0ADE-448E-BF3C-8E2C268EE1BD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj101-9020_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"1CB51A57-B840-4E4E-A970-B95E61B9D325\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj101-9020:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8696CE8A-C041-4EED-888B-36F2E499E67A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-1340_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"1E7ADA83-1E1B-459C-966C-00DD46B96198\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-1340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B381AE4-A769-403A-97FA-14FA5F8122CC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-4500_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"E19F9721-B79A-4C5D-8414-86C709D4C292\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-4500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E8F99DC-4992-4141-AD76-B8A0A690AD4D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-4400_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"7124BF89-F495-4C5D-BBC8-7FFF4F160B1D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-4400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D53224A-F4AE-42D5-9CE6-C46892BD658D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-4300_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"1226F0B5-3300-4A13-B692-62C6DB407810\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-4300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB77802D-96CB-49DB-A912-9DB901130F08\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-4310_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"FC21723E-18CF-4AC3-9EF7-0DC59D6438DF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-4310:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FDF3ECD-A475-44D1-BF08-B1D60F33D163\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj501-4320_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"BB81B854-8606-4EAB-BCB1-C45AFF315F7F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj501-4320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"060083B0-E9E5-4694-94AB-3517B4B6E0C2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj301-1200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.48\",\"matchCriteriaId\":\"F9C2854F-BDBC-42CB-AE2C-D2682B285EC1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj301-1200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D279907-5CF4-416F-BE78-300FD52B5B2D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj301-1100_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"90EF11A3-0FC3-46C8-9AC7-90A6768149A3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj301-1100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D92B425-000A-4A85-820E-E16B8AFF06B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj101-1000_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"F7C4F791-6705-4501-AAAD-A08B8731A644\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj101-1000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5A77DA0-B22A-4C26-8E64-6F272CD420A3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj101-9000_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"D8EBA4D5-57A7-4AB4-80C8-B3AA0881438B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj101-9000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3883A8C-C4EC-45F0-B164-0BADFF91E361\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj-pa3001_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"902CECE1-A411-43D6-9FE6-C80D92F79909\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj-pa3001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97E4422C-0758-4A41-B3C9-FB239E3440B6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:nj-pd3001_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.48\",\"matchCriteriaId\":\"7F4612C4-A7B2-44CD-8138-18B5A0A537D5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:nj-pd3001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"377396A7-4CDD-4768-AA23-A0B063962CC7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:omron:sysmac_studio:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.49\",\"matchCriteriaId\":\"D0C9C903-58E8-4AAD-9D8B-98EFB3CD5261\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:na5-15w_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.15\",\"matchCriteriaId\":\"26005582-DD0D-45F3-8FA6-4B1A5DB72B1A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:na5-15w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9B1DD5F-1260-4FF1-BE5F-42CF2748AA83\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:na5-12w_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.15\",\"matchCriteriaId\":\"4FA1DFB3-0E4A-4864-81E7-505064C6C6E4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:na5-12w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79B75CC6-944C-4403-912B-EA58932B6951\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:na5-9w_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.15\",\"matchCriteriaId\":\"B401EFE5-F41D-4587-8401-DFA4464A7926\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:na5-9w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0E96DE9-7831-463C-8D08-4D632BBF948C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omron:na5-7w_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.15\",\"matchCriteriaId\":\"D90818CE-751B-4DF2-9CCC-0178E7349453\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:omron:na5-7w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE59D9EE-0CF7-4088-B872-B9B0063DD01C\"}]}]}],\"references\":[{\"url\":\"https://jvn.jp/en/vu/JVNVU97050784/index.html\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://jvn.jp/en/vu/JVNVU97050784/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}"
}
}
CVE-2022-34151
Vulnerability from jvndb
Published
2022-11-10 09:46
Modified
2022-11-10 09:46
Severity ?
Summary
Multiple vulnerabilities in OMRON products
Details
Machine automation controller NJ/NX series, Automation software "Sysmac Studio", and programmable terminal (PT) NA series provided by OMRON Corporation contain multiple vulnerabilities in the communication function.
The vulnerabilities are as follows.
* Use of Hard-coded Credentials (CWE-798) - CVE-2022-34151
* Authentication Bypass by Capture-replay (CWE-294) - CVE-2022-33208
* Active Debug Code (CWE-489) - CVE-2022-33971
OMRON Corporation reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | https://jvn.jp/en/vu/JVNVU97050784/index.html | |
| CVE | https://www.cve.org/CVERecord?id=CVE-2022-34151 | |
| CVE | https://www.cve.org/CVERecord?id=CVE-2022-33208 | |
| CVE | https://www.cve.org/CVERecord?id=CVE-2022-33971 | |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2022-34151 | |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2022-33208 | |
| NVD | https://nvd.nist.gov/vuln/detail/CVE-2022-33971 | |
| US-CERT National Cyber Awareness System Alerts | https://www.cisa.gov/uscert/ncas/alerts/aa22-103a | |
| Authentication Bypass by Capture-replay(CWE-294) | https://cwe.mitre.org/data/definitions/294.html | |
| Active Debug Code(CWE-489) | https://cwe.mitre.org/data/definitions/489.html | |
| Use of Hard-coded Credentials(CWE-798) | https://cwe.mitre.org/data/definitions/798.html |
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002691.html",
"dc:date": "2022-11-10T09:46+09:00",
"dcterms:issued": "2022-11-10T09:46+09:00",
"dcterms:modified": "2022-11-10T09:46+09:00",
"description": "Machine automation controller NJ/NX series, Automation software \"Sysmac Studio\", and programmable terminal (PT) NA series provided by OMRON Corporation contain multiple vulnerabilities in the communication function.\r\nThe vulnerabilities are as follows.\r\n\r\n * Use of Hard-coded Credentials (CWE-798) - CVE-2022-34151\r\n * Authentication Bypass by Capture-replay (CWE-294) - CVE-2022-33208\r\n * Active Debug Code (CWE-489) - CVE-2022-33971\r\n\r\nOMRON Corporation reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002691.html",
"sec:cpe": [
{
"#text": "cpe:/a:omron:automation_software_sysmac_studio",
"@product": "Automation software \"Sysmac Studio\"",
"@vendor": "OMRON Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:omron:machine_automation_controller_nj_series",
"@product": "Machine automation controller NJ series",
"@vendor": "OMRON Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:omron:machine_automation_controller_nx_series",
"@product": "Machine automation controller NX series",
"@vendor": "OMRON Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:omron:programmable_terminal_na_series",
"@product": "Programmable terminal (PT) NA series",
"@vendor": "OMRON Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "9.4",
"@severity": "Critical",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2022-002691",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU97050784/index.html",
"@id": "JVNVU#97050784",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2022-34151",
"@id": "CVE-2022-34151",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2022-33208",
"@id": "CVE-2022-33208",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2022-33971",
"@id": "CVE-2022-33971",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-34151",
"@id": "CVE-2022-34151",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-33208",
"@id": "CVE-2022-33208",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-33971",
"@id": "CVE-2022-33971",
"@source": "NVD"
},
{
"#text": "https://www.cisa.gov/uscert/ncas/alerts/aa22-103a",
"@id": "AA22-103A",
"@source": "US-CERT National Cyber Awareness System Alerts"
},
{
"#text": "https://cwe.mitre.org/data/definitions/294.html",
"@id": "CWE-294",
"@title": "Authentication Bypass by Capture-replay(CWE-294)"
},
{
"#text": "https://cwe.mitre.org/data/definitions/489.html",
"@id": "CWE-489",
"@title": "Active Debug Code(CWE-489)"
},
{
"#text": "https://cwe.mitre.org/data/definitions/798.html",
"@id": "CWE-798",
"@title": "Use of Hard-coded Credentials(CWE-798)"
}
],
"title": "Multiple vulnerabilities in OMRON products"
}
ICSA-22-314-08
Vulnerability from csaf_cisa
Published
2022-11-10 00:00
Modified
2022-11-10 00:00
Summary
Omron NJ/NX-series Machine Automation Controllers
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities may allow an attacker to bypass authentication in the communications connection process to login and operate the controller products without authorization.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Japan
Recommended Practices
This vulnerability and countermeasures correspond to the those reported in the CISA ICS Alert: APT Cyber Tools Targeting ICS/SCADA Devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
{
"document": {
"acknowledgments": [
{
"names": [
"Reid Wightman"
],
"organization": "Dragos",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities may allow an attacker to bypass authentication in the communications connection process to login and operate the controller products without authorization.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "This vulnerability and countermeasures correspond to the those reported in the CISA ICS Alert: APT Cyber Tools Targeting ICS/SCADA Devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-314-08 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-314-08.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-314-08 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-314-08"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/alerts/aa22-103a"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-314-08"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
}
],
"title": "Omron NJ/NX-series Machine Automation Controllers",
"tracking": {
"current_release_date": "2022-11-10T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-314-08",
"initial_release_date": "2022-11-10T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-11-10T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.28",
"product": {
"name": "NJ/NX-series Controllers and Software - NX7-series Machine Automation Controller (All Models): Versions 1.28 and prior",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "NJ/NX-series Controllers and Software"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.48",
"product": {
"name": "NJ/NX-series Controllers and Software - NX1-series Machine Automation Controller (All Models): Versions 1.48 and prior",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "NJ/NX-series Controllers and Software"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.48",
"product": {
"name": "NJ/NX-series Controllers and Software - NJ-series Machine Automation Controller (All Models): Versions 1.48 and prior",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "NJ/NX-series Controllers and Software"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.49",
"product": {
"name": "NJ/NX-series Controllers and Software - Automation Software Sysmac Studio (All Models): Versions 1.49 and prior",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "NJ/NX-series Controllers and Software"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.15",
"product": {
"name": "NJ/NX-series Controllers and Software - NA-series Programable Terminal (NA5-15W, NA5-12W, NA5-9W, NA5-7W): Runtime versions 1.15 and prior ",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "NJ/NX-series Controllers and Software"
}
],
"category": "vendor",
"name": "Omron"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34151",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "Use of hard-coded credentials vulnerability exists in machine automation controller NJ series models v1.48 and earlier, machine automation controller NX7 series models v1.28 and earlier, machine automation controller NX1 series models v1.48 and earlier, automation software Sysmac Studio models v1.49 and earlier, and programmable terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models with runtime v1.15 and earlier; this may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.CVE-2022-34151 has been assigned to this vulnerability. A CVSS v3 base score of 9.4 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34151"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "NX7-series Machine Automation Controller: Update to version 1.29 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NX1-series Machine Automation Controller: Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NJ-series Machine Automation Controller (NJ501-1300, NJ501-1400, NJ501-1500): Update to version 1.49 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NJ-series Machine Automation Controller (All other models): Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Automation Software Sysmac Studio: Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NA-series Programable Terminal: Update to runtime version 1.16 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "For information on how to obtain and update firmware for the countermeasure version of the product, contact Omron sales office or distributors. Users can update the Sysmac Studio to the latest versions using the installed Omron Automation Software AutoUpdate tool.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://www.ia.omron.com/global_network/index.html"
},
{
"category": "mitigation",
"details": "Enable antivirus protection",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Protect any PC with access to the control system against malware by ensuring the installation and maintenance of up-to-date commercial grade antivirus software protection.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Minimize connection of control systems and equipment to open networks preventing untrusted devices from accessing them.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Implement firewalls by shutting down unused communications ports, limiting communications between hosts, and isolate affected systems from the IT network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use a virtual private network (VPN) for remote access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use strong passwords and change passwords frequently.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Install physical controls that only permit authorized personnel access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Scan USB drives or similar devices for viruses and malware to ensure the devices are safe before connecting them to systems and devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "When possible, enforce multifactor authentication (MFA) on all devices with remote access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Protect data input and output",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Perform process validation, such as backup validation or range checks, to cope with unintentional modification of input/output data to control systems and devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use data recovery",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Conduct periodical data backups and maintenance to prepare for potential data loss.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "For more information see Omron\u0027s advisory: OMSR-2022-001",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2022-33208",
"cwe": {
"id": "CWE-294",
"name": "Authentication Bypass by Capture-replay"
},
"notes": [
{
"category": "summary",
"text": "An attacker who can capture and analyze communication between the affected controllers and either automation software Sysmac Studio and/or a programmable terminal (PT) can obtain sensitive information that would allow the attacker to bypass authentication and access the controller.CVE-2022-33208 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33208"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "NX7-series Machine Automation Controller: Update to version 1.29 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NX1-series Machine Automation Controller: Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NJ-series Machine Automation Controller (NJ501-1300, NJ501-1400, NJ501-1500): Update to version 1.49 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NJ-series Machine Automation Controller (All other models): Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Automation Software Sysmac Studio: Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NA-series Programable Terminal: Update to runtime version 1.16 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "For information on how to obtain and update firmware for the countermeasure version of the product, contact Omron sales office or distributors. Users can update the Sysmac Studio to the latest versions using the installed Omron Automation Software AutoUpdate tool.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://www.ia.omron.com/global_network/index.html"
},
{
"category": "mitigation",
"details": "Enable antivirus protection",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Protect any PC with access to the control system against malware by ensuring the installation and maintenance of up-to-date commercial grade antivirus software protection.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Minimize connection of control systems and equipment to open networks preventing untrusted devices from accessing them.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Implement firewalls by shutting down unused communications ports, limiting communications between hosts, and isolate affected systems from the IT network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use a virtual private network (VPN) for remote access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use strong passwords and change passwords frequently.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Install physical controls that only permit authorized personnel access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Scan USB drives or similar devices for viruses and malware to ensure the devices are safe before connecting them to systems and devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "When possible, enforce multifactor authentication (MFA) on all devices with remote access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Protect data input and output",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Perform process validation, such as backup validation or range checks, to cope with unintentional modification of input/output data to control systems and devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use data recovery",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Conduct periodical data backups and maintenance to prepare for potential data loss.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "For more information see Omron\u0027s advisory: OMSR-2022-001",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
]
}
]
}
icsa-22-314-08
Vulnerability from csaf_cisa
Published
2022-11-10 00:00
Modified
2022-11-10 00:00
Summary
Omron NJ/NX-series Machine Automation Controllers
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities may allow an attacker to bypass authentication in the communications connection process to login and operate the controller products without authorization.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Japan
Recommended Practices
This vulnerability and countermeasures correspond to the those reported in the CISA ICS Alert: APT Cyber Tools Targeting ICS/SCADA Devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
{
"document": {
"acknowledgments": [
{
"names": [
"Reid Wightman"
],
"organization": "Dragos",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities may allow an attacker to bypass authentication in the communications connection process to login and operate the controller products without authorization.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "This vulnerability and countermeasures correspond to the those reported in the CISA ICS Alert: APT Cyber Tools Targeting ICS/SCADA Devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-314-08 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-314-08.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-314-08 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-314-08"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/alerts/aa22-103a"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-314-08"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
}
],
"title": "Omron NJ/NX-series Machine Automation Controllers",
"tracking": {
"current_release_date": "2022-11-10T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-314-08",
"initial_release_date": "2022-11-10T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-11-10T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.28",
"product": {
"name": "NJ/NX-series Controllers and Software - NX7-series Machine Automation Controller (All Models): Versions 1.28 and prior",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "NJ/NX-series Controllers and Software"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.48",
"product": {
"name": "NJ/NX-series Controllers and Software - NX1-series Machine Automation Controller (All Models): Versions 1.48 and prior",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "NJ/NX-series Controllers and Software"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.48",
"product": {
"name": "NJ/NX-series Controllers and Software - NJ-series Machine Automation Controller (All Models): Versions 1.48 and prior",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "NJ/NX-series Controllers and Software"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.49",
"product": {
"name": "NJ/NX-series Controllers and Software - Automation Software Sysmac Studio (All Models): Versions 1.49 and prior",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "NJ/NX-series Controllers and Software"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= 1.15",
"product": {
"name": "NJ/NX-series Controllers and Software - NA-series Programable Terminal (NA5-15W, NA5-12W, NA5-9W, NA5-7W): Runtime versions 1.15 and prior ",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "NJ/NX-series Controllers and Software"
}
],
"category": "vendor",
"name": "Omron"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34151",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "Use of hard-coded credentials vulnerability exists in machine automation controller NJ series models v1.48 and earlier, machine automation controller NX7 series models v1.28 and earlier, machine automation controller NX1 series models v1.48 and earlier, automation software Sysmac Studio models v1.49 and earlier, and programmable terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models with runtime v1.15 and earlier; this may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.CVE-2022-34151 has been assigned to this vulnerability. A CVSS v3 base score of 9.4 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-34151"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "NX7-series Machine Automation Controller: Update to version 1.29 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NX1-series Machine Automation Controller: Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NJ-series Machine Automation Controller (NJ501-1300, NJ501-1400, NJ501-1500): Update to version 1.49 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NJ-series Machine Automation Controller (All other models): Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Automation Software Sysmac Studio: Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NA-series Programable Terminal: Update to runtime version 1.16 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "For information on how to obtain and update firmware for the countermeasure version of the product, contact Omron sales office or distributors. Users can update the Sysmac Studio to the latest versions using the installed Omron Automation Software AutoUpdate tool.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://www.ia.omron.com/global_network/index.html"
},
{
"category": "mitigation",
"details": "Enable antivirus protection",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Protect any PC with access to the control system against malware by ensuring the installation and maintenance of up-to-date commercial grade antivirus software protection.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Minimize connection of control systems and equipment to open networks preventing untrusted devices from accessing them.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Implement firewalls by shutting down unused communications ports, limiting communications between hosts, and isolate affected systems from the IT network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use a virtual private network (VPN) for remote access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use strong passwords and change passwords frequently.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Install physical controls that only permit authorized personnel access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Scan USB drives or similar devices for viruses and malware to ensure the devices are safe before connecting them to systems and devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "When possible, enforce multifactor authentication (MFA) on all devices with remote access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Protect data input and output",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Perform process validation, such as backup validation or range checks, to cope with unintentional modification of input/output data to control systems and devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use data recovery",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Conduct periodical data backups and maintenance to prepare for potential data loss.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "For more information see Omron\u0027s advisory: OMSR-2022-001",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
]
},
{
"cve": "CVE-2022-33208",
"cwe": {
"id": "CWE-294",
"name": "Authentication Bypass by Capture-replay"
},
"notes": [
{
"category": "summary",
"text": "An attacker who can capture and analyze communication between the affected controllers and either automation software Sysmac Studio and/or a programmable terminal (PT) can obtain sensitive information that would allow the attacker to bypass authentication and access the controller.CVE-2022-33208 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33208"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "NX7-series Machine Automation Controller: Update to version 1.29 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NX1-series Machine Automation Controller: Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NJ-series Machine Automation Controller (NJ501-1300, NJ501-1400, NJ501-1500): Update to version 1.49 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NJ-series Machine Automation Controller (All other models): Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Automation Software Sysmac Studio: Update to version 1.50 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "NA-series Programable Terminal: Update to runtime version 1.16 or higher",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "For information on how to obtain and update firmware for the countermeasure version of the product, contact Omron sales office or distributors. Users can update the Sysmac Studio to the latest versions using the installed Omron Automation Software AutoUpdate tool.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://www.ia.omron.com/global_network/index.html"
},
{
"category": "mitigation",
"details": "Enable antivirus protection",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Protect any PC with access to the control system against malware by ensuring the installation and maintenance of up-to-date commercial grade antivirus software protection.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Minimize connection of control systems and equipment to open networks preventing untrusted devices from accessing them.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Implement firewalls by shutting down unused communications ports, limiting communications between hosts, and isolate affected systems from the IT network.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use a virtual private network (VPN) for remote access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use strong passwords and change passwords frequently.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Install physical controls that only permit authorized personnel access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Scan USB drives or similar devices for viruses and malware to ensure the devices are safe before connecting them to systems and devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "When possible, enforce multifactor authentication (MFA) on all devices with remote access to control systems and equipment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Protect data input and output",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Perform process validation, such as backup validation or range checks, to cope with unintentional modification of input/output data to control systems and devices.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Use data recovery",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "Conduct periodical data backups and maintenance to prepare for potential data loss.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
},
{
"category": "mitigation",
"details": "For more information see Omron\u0027s advisory: OMSR-2022-001",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
],
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005"
]
}
]
}
]
}
gsd-2022-34151
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-34151",
"description": "Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.",
"id": "GSD-2022-34151"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-34151"
],
"details": "Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.",
"id": "GSD-2022-34151",
"modified": "2023-12-13T01:19:18.783381Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-34151",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Machine automation controller NJ series, Machine automation controller NX series, Automation software \u0027Sysmac Studio\u0027, and Programmable Terminal (PT) NA series",
"version": {
"version_data": [
{
"version_value": "Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier"
}
]
}
}
]
},
"vendor_name": "OMRON Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf",
"refsource": "MISC",
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
},
{
"name": "https://jvn.jp/en/vu/JVNVU97050784/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/vu/JVNVU97050784/index.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx701-1600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx701-1600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx701-1700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx701-1700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx701-z700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx701-z700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx701-z600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx701-z600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx701-1720_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx701-1720:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx701-1620_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx701-1620:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx102-1200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx102-1200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx102-1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx102-1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx102-1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx102-1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx102-1220_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx102-1220:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx102-1120_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx102-1120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx102-1020_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx102-1020:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx102-9020_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx102-9020:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1p2-1140dt_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1p2-1140dt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1p2-1140dt1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1p2-1140dt1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1p2-1040dt_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1p2-1040dt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1p2-1040dt1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1p2-1040dt1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1p2-9024dt_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1p2-9024dt:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1p2-9024dt1_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1p2-9024dt1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1w-cif01_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1w-cif01:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1w-cif11_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1w-cif11:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1w-cif12_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1w-cif12:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1w-adb21_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1w-adb21:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1w-dab21v_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1w-dab21v:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nx1w-mab221_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nx1w-mab221:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-1500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-1500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-140_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-140:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-1300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-1300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-r500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-r500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-r520_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-r520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-r400_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-r400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-r420_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-r420:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-r300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-r300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-r320_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-r320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-5300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-5300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-1520_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-1520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-1420_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-1420:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-1320_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-1320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj101-1020_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj101-1020:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj101-9020_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj101-9020:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-1340_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-1340:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-4500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-4500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-4400_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-4400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-4300_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-4300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-4310_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-4310:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj501-4320_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj501-4320:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj301-1200_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj301-1200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj301-1100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj301-1100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj101-1000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj101-1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj101-9000_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj101-9000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj-pa3001_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj-pa3001:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:nj-pd3001_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:nj-pd3001:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:omron:sysmac_studio:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.49",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:na5-15w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:na5-15w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:na5-12w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:na5-12w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:na5-9w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:na5-9w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:omron:na5-7w_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:omron:na5-7w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-34151"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf",
"refsource": "MISC",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
},
{
"name": "https://jvn.jp/en/vu/JVNVU97050784/index.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://jvn.jp/en/vu/JVNVU97050784/index.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-07-15T17:14Z",
"publishedDate": "2022-07-04T02:15Z"
}
}
}
var-202207-0037
Vulnerability from variot
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller. * Using hardcoded credentials ( CWE-798 ) - CVE-2022-34151 It was * Capture-Replay Authentication evasion by ( CWE-294 ) - CVE-2022-33208 It was * Presence of debug code available ( CWE-489 ) - CVE-2022-33971 This vulnerability information is provided by the developer for the purpose of dissemination to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.The potential impact will vary for each vulnerability, but may include: * Unauthorized access to the controller product by a third party who has obtained authentication information by analyzing the product in advance. - CVE-2022-34151 It was * Applicable controller products and automation software Sysmac Studio unauthorized access to the controller product by a third party who can analyze the communication between the controller and the programmable terminal. - CVE-2022-33208 It was * Disruption of service operation ( DoS ) attacks and malicious programs are executed - CVE-2022-33971. Omron Machine automation controller NX7 series, etc. are all products of Japan's Omron (Omron). Omron Machine automation controller NX7 series is a series of machine automation controllers. Omron Machine automation controller NX1 series is a series of machine automation controllers. An attacker could exploit this vulnerability to gain full access to a vulnerable system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202207-0037",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nx1w-cif01",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-5300",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx1p2-1140dt",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-1520",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx701-1600",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.28"
},
{
"model": "nj501-r520",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-4500",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx102-1000",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-r300",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-4300",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-1500",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-r420",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "na5-15w",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.15"
},
{
"model": "nj501-1420",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj-pd3001",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj101-1020",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx1p2-9024dt1",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj101-9000",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx701-z600",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.28"
},
{
"model": "nx102-1200",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-1300",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "sysmac studio",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.49"
},
{
"model": "nj501-1320",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-r500",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-4310",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx102-1100",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "na5-7w",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.15"
},
{
"model": "nj501-140",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "na5-12w",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.15"
},
{
"model": "nx102-1020",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj301-1100",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj101-1000",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx1w-mab221",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx701-1720",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.28"
},
{
"model": "nx701-z700",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.28"
},
{
"model": "nx701-1620",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.28"
},
{
"model": "nx1w-cif12",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx1p2-1040dt1",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj101-9020",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj301-1200",
"scope": "lt",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj-pa3001",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx1w-adb21",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-4400",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx102-1220",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx1p2-9024dt",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx1w-cif11",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-4320",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx102-9020",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx1p2-1040dt",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "na5-9w",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.15"
},
{
"model": "nj501-1340",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx102-1120",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-r400",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx1p2-1140dt1",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nj501-r320",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx1w-dab21v",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.48"
},
{
"model": "nx701-1700",
"scope": "lte",
"trust": 1.0,
"vendor": "omron",
"version": "1.28"
},
{
"model": "\u30aa\u30fc\u30c8\u30e1\u30fc\u30b7\u30e7\u30f3\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 sysmac studio",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e0\u30ed\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "\u30d7\u30ed\u30b0\u30e9\u30de\u30d6\u30eb\u30bf\u30fc\u30df\u30ca\u30eb na \u30b7\u30ea\u30fc\u30ba",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e0\u30ed\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "\u30de\u30b7\u30f3\u30aa\u30fc\u30c8\u30e1\u30fc\u30b7\u30e7\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9 nx \u30b7\u30ea\u30fc\u30ba",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e0\u30ed\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "\u30de\u30b7\u30f3\u30aa\u30fc\u30c8\u30e1\u30fc\u30b7\u30e7\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9 nj \u30b7\u30ea\u30fc\u30ba",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e0\u30ed\u30f3\u682a\u5f0f\u4f1a\u793e",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002691"
},
{
"db": "NVD",
"id": "CVE-2022-34151"
}
]
},
"cve": "CVE-2022-34151",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2022-34151",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-426451",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2022-34151",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.4,
"baseSeverity": "Critical",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2022-002691",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-34151",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "OTHER",
"id": "JVNDB-2022-002691",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202207-356",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-426451",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-34151",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-426451"
},
{
"db": "VULMON",
"id": "CVE-2022-34151"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002691"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-356"
},
{
"db": "NVD",
"id": "CVE-2022-34151"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller. * Using hardcoded credentials ( CWE-798 ) - CVE-2022-34151 It was * Capture-Replay Authentication evasion by ( CWE-294 ) - CVE-2022-33208 It was * Presence of debug code available ( CWE-489 ) - CVE-2022-33971 This vulnerability information is provided by the developer for the purpose of dissemination to product users. JPCERT/CC Report to JPCERT/CC Coordinated with the developer.The potential impact will vary for each vulnerability, but may include: * Unauthorized access to the controller product by a third party who has obtained authentication information by analyzing the product in advance. - CVE-2022-34151 It was * Applicable controller products and automation software Sysmac Studio unauthorized access to the controller product by a third party who can analyze the communication between the controller and the programmable terminal. - CVE-2022-33208 It was * Disruption of service operation ( DoS ) attacks and malicious programs are executed - CVE-2022-33971. Omron Machine automation controller NX7 series, etc. are all products of Japan\u0027s Omron (Omron). Omron Machine automation controller NX7 series is a series of machine automation controllers. Omron Machine automation controller NX1 series is a series of machine automation controllers. An attacker could exploit this vulnerability to gain full access to a vulnerable system",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-34151"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002691"
},
{
"db": "VULHUB",
"id": "VHN-426451"
},
{
"db": "VULMON",
"id": "CVE-2022-34151"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-34151",
"trust": 3.4
},
{
"db": "JVN",
"id": "JVNVU97050784",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002691",
"trust": 1.4
},
{
"db": "USCERT",
"id": "AA22-103A",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202207-356",
"trust": 0.7
},
{
"db": "CS-HELP",
"id": "SB2022070405",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-426451",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-34151",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-426451"
},
{
"db": "VULMON",
"id": "CVE-2022-34151"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002691"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-356"
},
{
"db": "NVD",
"id": "CVE-2022-34151"
}
]
},
"id": "VAR-202207-0037",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-426451"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:49:43.121000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "machine automation controller \u00a0NJ/NX\u00a0 Authentication Bypass Vulnerability in Communication Function of Series Omron Corporation",
"trust": 0.8,
"url": "https://www.fa.omron.co.jp/product/vulnerability/OMSR-2022-001_ja.pdf"
},
{
"title": "Multiple Omron Repair measures for product trust management problem vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=200206"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002691"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-356"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.0
},
{
"problemtype": "Capture-replay authentication evasion by (CWE-294) [ others ]",
"trust": 0.8
},
{
"problemtype": " debug code in active state (CWE-489) [ others ]",
"trust": 0.8
},
{
"problemtype": " Use hard-coded credentials (CWE-798) [ others ]",
"trust": 0.8
},
{
"problemtype": "CWE-294",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-426451"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002691"
},
{
"db": "NVD",
"id": "CVE-2022-34151"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://jvn.jp/en/vu/jvnvu97050784/index.html"
},
{
"trust": 1.8,
"url": "https://www.ia.omron.com/product/vulnerability/omsr-2022-001_en.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu97050784/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-34151"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-33208"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-33971"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/uscert/ncas/alerts/aa22-103a"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-34151/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022070405"
},
{
"trust": 0.6,
"url": "https://jvndb.jvn.jp/en/contents/2022/jvndb-2022-002691.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/294.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-426451"
},
{
"db": "VULMON",
"id": "CVE-2022-34151"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002691"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-356"
},
{
"db": "NVD",
"id": "CVE-2022-34151"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-426451"
},
{
"db": "VULMON",
"id": "CVE-2022-34151"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-002691"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-356"
},
{
"db": "NVD",
"id": "CVE-2022-34151"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-04T00:00:00",
"db": "VULHUB",
"id": "VHN-426451"
},
{
"date": "2022-07-04T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34151"
},
{
"date": "2022-11-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-002691"
},
{
"date": "2022-07-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-356"
},
{
"date": "2022-07-04T02:15:07.727000",
"db": "NVD",
"id": "CVE-2022-34151"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-15T00:00:00",
"db": "VULHUB",
"id": "VHN-426451"
},
{
"date": "2022-07-15T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34151"
},
{
"date": "2022-11-09T08:53:00",
"db": "JVNDB",
"id": "JVNDB-2022-002691"
},
{
"date": "2022-11-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-356"
},
{
"date": "2023-08-08T14:22:24.967000",
"db": "NVD",
"id": "CVE-2022-34151"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-356"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vulnerabilities in multiple Omron products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-002691"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-356"
}
],
"trust": 0.6
}
}
fkie_cve-2022-34151
Vulnerability from fkie_nvd
Published
2022-07-04 02:15
Modified
2024-11-21 07:08
Severity ?
Summary
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | https://jvn.jp/en/vu/JVNVU97050784/index.html | Third Party Advisory, VDB Entry | |
| vultures@jpcert.or.jp | https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/vu/JVNVU97050784/index.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf | Mitigation, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx701-1600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C32C9A6D-2AF6-4005-AD33-E54B2726A769",
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx701-1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A613C260-184B-4131-B2EC-656D8322F86B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx701-1700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "929C2ED9-5BBD-4585-A95F-A3C5F12C5376",
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx701-1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "753A218D-C738-42E5-B523-ED7CACCAEC82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx701-z700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B87C2BC4-8CDE-42CA-B0D3-EEBEAD0BCECF",
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx701-z700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36F25E10-A76C-4A16-B72B-4B9E572EDBAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx701-z600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "586D8ACC-BD51-403C-AAF6-55392741D582",
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx701-z600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90B7C106-4C14-4C0A-BA78-9A3DD63EF576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx701-1720_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67236B5C-8045-4413-8767-1F0904EF6E7F",
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx701-1720:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2434BE7E-3E5D-48A9-838C-BCC6055135F9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx701-1620_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1805212B-75E3-4443-A7D4-B889EA53721A",
"versionEndIncluding": "1.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx701-1620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "210D7FA7-18A3-45B7-976B-9DEDC59294C7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx102-1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91116EDD-1D61-4D78-9367-C78E80E85BE3",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx102-1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A6528B-2160-4CE4-88B2-EC69DB5797B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx102-1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EEA800B1-6E43-45C8-833E-744831490B98",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx102-1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E68759-07B1-4F7B-8EF8-0429C8CFCAAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx102-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "509A80E2-0FE2-4E65-A276-351953EA403D",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx102-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D01F33E2-E10C-4B3F-9326-7022924423DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx102-1220_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3A572C4-8EDA-4A4D-9358-9E2313F9D71A",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx102-1220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE463BB1-BE67-4D80-8FE7-85F960945AF5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx102-1120_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "960BC2F9-7B36-419A-BEF6-1895666422A2",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx102-1120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E72347A8-8725-4DAB-9D2C-609072A4E904",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx102-1020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F70AA8-7DB0-415F-AB71-4F527E930C56",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx102-1020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A91E22-8F08-4470-BC4A-14D25A827607",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx102-9020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "644FC209-89BD-46E5-BD08-1A9518200AF4",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx102-9020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34CE73C8-BF67-4BC3-81B2-275393441C91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1p2-1140dt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53B955C2-94EE-4C9A-9858-B38AF619640A",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1p2-1140dt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFF59B0A-C08C-4D56-B301-631DD155BEF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1p2-1140dt1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B73A630B-5A24-459F-80E5-E88C0D3C04BD",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1p2-1140dt1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63EEFB13-8B20-4A42-8511-98C4C8E045FA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1p2-1040dt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29BDE27D-6AFE-459A-B368-4D59BF2112EB",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1p2-1040dt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7EF898A-8273-4044-8F4B-B2082294749F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1p2-1040dt1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD05B298-12C5-48B7-814D-62CA3DD6623A",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1p2-1040dt1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8DD457B-3E36-4C10-B34F-21CD0B931459",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1p2-9024dt_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0048B2-460B-4795-A23F-B83EC8830900",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1p2-9024dt:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B1E7DBC-6211-4503-9154-D0BD0FA3BE95",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1p2-9024dt1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB34E3A4-B7AF-461F-BA78-48C496B064D6",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1p2-9024dt1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F193D7DE-97C1-4883-871D-78AC7FCB9B14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1w-cif01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2279FB9-11F5-4846-92C9-C657E36D7B02",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1w-cif01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E45E4A-447D-4DE9-AC15-50BD2DEC5AAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1w-cif11_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E1F7962-856D-4C94-A3FE-A14591B5B982",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1w-cif11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA6772B4-5B9D-4642-9DA6-5595C92895C4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1w-cif12_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60836E6B-91EC-44A7-8FFF-535A32A83986",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1w-cif12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3B3071-1C48-4AD0-9C82-59A16F52944D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1w-adb21_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92D1E782-1625-41E0-81C2-F247628B1081",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1w-adb21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "148C75FA-08F5-401A-B4E9-989ED80AF3EC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1w-dab21v_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E6F2CDD-7D0F-480E-9925-8A6F2B1D2825",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1w-dab21v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA779FC7-7C37-411C-BFD3-EE9B87E8D861",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nx1w-mab221_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F88219CC-5788-4B68-95C7-1D6746CCF5C7",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nx1w-mab221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48E3688A-B3EE-441E-A16A-52FC683D4F1D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03C70E33-A661-4974-A0D4-935C6EE1CB7A",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD281699-D123-4301-9EDF-4BE249E24FF8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-140_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A80DE2-ECC9-4B35-B999-57573D386581",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4824951-49CB-4E85-A736-28A72C514FB3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-1300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD94505F-4294-4BF2-8A2F-13FC419D3D96",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2917E7F0-DAA8-4D3B-A5E4-FB0ACAEF02C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-r500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E01A5FE5-B310-4C46-93FB-A6A8B492E179",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-r500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1BA508-3DBE-46C4-B72C-312AC3403C27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-r520_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEDFECF-1490-4B47-BD5A-54F560C80CF4",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-r520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36BDD615-7933-4EF5-B2E5-68EB4FA776B7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-r400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FB4EB9-6E39-423B-84EF-B97698F896F0",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-r400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A453709-E9EE-4DD8-8638-04752B9DFB0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-r420_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD6DAE59-9863-44EE-97CC-503B980FB9AA",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-r420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C264C95F-F8CE-4EC1-B5A5-71998F0A75C3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-r300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B4F9EF2-6C73-40AA-AF3B-BCCDFAF92E0A",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-r300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A4809E-770F-4D7B-A532-37160D8A3943",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-r320_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84C41F6C-7B86-4823-8214-9C244283C3AE",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-r320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32E135F9-CB75-49AF-B7C3-25E8EA3AB991",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-5300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1EC714-602B-4946-9857-EA601CEE8504",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEF30DD-FCF0-499E-B5C2-4184C9A7E9D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-1520_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA40F4B-9EA2-416C-876C-714927FF9F32",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-1520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBE1648-D428-4A43-831D-AB3AF3F05739",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-1420_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BED01-FC93-49D6-8623-053EE4327EAB",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-1420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "148C6AE8-1480-4822-8E0B-1E8575246878",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-1320_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A035E5-FBAD-44D1-879E-9C4062DF02B4",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-1320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69D21068-A51D-48B2-BF17-68BC61737EBC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj101-1020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E91BEB-06D4-4B01-8BC6-B252F299EBB0",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj101-1020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A75CF5D-0ADE-448E-BF3C-8E2C268EE1BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj101-9020_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB51A57-B840-4E4E-A970-B95E61B9D325",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj101-9020:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8696CE8A-C041-4EED-888B-36F2E499E67A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-1340_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E7ADA83-1E1B-459C-966C-00DD46B96198",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-1340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B381AE4-A769-403A-97FA-14FA5F8122CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E19F9721-B79A-4C5D-8414-86C709D4C292",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8F99DC-4992-4141-AD76-B8A0A690AD4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-4400_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7124BF89-F495-4C5D-BBC8-7FFF4F160B1D",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-4400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D53224A-F4AE-42D5-9CE6-C46892BD658D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-4300_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1226F0B5-3300-4A13-B692-62C6DB407810",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB77802D-96CB-49DB-A912-9DB901130F08",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-4310_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC21723E-18CF-4AC3-9EF7-0DC59D6438DF",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-4310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FDF3ECD-A475-44D1-BF08-B1D60F33D163",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj501-4320_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB81B854-8606-4EAB-BCB1-C45AFF315F7F",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj501-4320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060083B0-E9E5-4694-94AB-3517B4B6E0C2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj301-1200_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9C2854F-BDBC-42CB-AE2C-D2682B285EC1",
"versionEndExcluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj301-1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D279907-5CF4-416F-BE78-300FD52B5B2D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj301-1100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90EF11A3-0FC3-46C8-9AC7-90A6768149A3",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj301-1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D92B425-000A-4A85-820E-E16B8AFF06B8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj101-1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7C4F791-6705-4501-AAAD-A08B8731A644",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj101-1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A77DA0-B22A-4C26-8E64-6F272CD420A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj101-9000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8EBA4D5-57A7-4AB4-80C8-B3AA0881438B",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj101-9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3883A8C-C4EC-45F0-B164-0BADFF91E361",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj-pa3001_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "902CECE1-A411-43D6-9FE6-C80D92F79909",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj-pa3001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97E4422C-0758-4A41-B3C9-FB239E3440B6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:nj-pd3001_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F4612C4-A7B2-44CD-8138-18B5A0A537D5",
"versionEndIncluding": "1.48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:nj-pd3001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "377396A7-4CDD-4768-AA23-A0B063962CC7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:omron:sysmac_studio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0C9C903-58E8-4AAD-9D8B-98EFB3CD5261",
"versionEndIncluding": "1.49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:na5-15w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26005582-DD0D-45F3-8FA6-4B1A5DB72B1A",
"versionEndIncluding": "1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:na5-15w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9B1DD5F-1260-4FF1-BE5F-42CF2748AA83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:na5-12w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA1DFB3-0E4A-4864-81E7-505064C6C6E4",
"versionEndIncluding": "1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:na5-12w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79B75CC6-944C-4403-912B-EA58932B6951",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:na5-9w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B401EFE5-F41D-4587-8401-DFA4464A7926",
"versionEndIncluding": "1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:na5-9w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E96DE9-7831-463C-8D08-4D632BBF948C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:omron:na5-7w_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D90818CE-751B-4DF2-9CCC-0178E7349453",
"versionEndIncluding": "1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:omron:na5-7w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE59D9EE-0CF7-4088-B872-B9B0063DD01C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de uso de credenciales embebidas en el controlador de automatizaci\u00f3n de M\u00e1quinas serie NJ todos los modelos Versiones 1.48 y anteriores, el controlador de automatizaci\u00f3n de M\u00e1quinas serie NX7 todos los modelos Versiones 1.28 y anteriores, el controlador de automatizaci\u00f3n de M\u00e1quinas serie NX1 todos los modelos Versiones 1.48 y anteriores, el software de automatizaci\u00f3n \"Sysmac Studio\" todos los modelos Versiones 1. 49 y anteriores, y Terminal programable (PT) serie NA5-15W/NA5-12W/NA5-9W/NA5-7W modelos Runtime Versiones 1.15 y anteriores, lo que puede permitir a un atacante remoto que haya obtenido con \u00e9xito las credenciales de usuario mediante el an\u00e1lisis del producto afectado acceder al controlador"
}
],
"id": "CVE-2022-34151",
"lastModified": "2024-11-21T07:08:57.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-04T02:15:07.727",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://jvn.jp/en/vu/JVNVU97050784/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://jvn.jp/en/vu/JVNVU97050784/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-gx2r-v5m4-v5qp
Vulnerability from github
Published
2022-07-05 00:00
Modified
2022-07-16 00:00
Severity ?
Details
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.
{
"affected": [],
"aliases": [
"CVE-2022-34151"
],
"database_specific": {
"cwe_ids": [
"CWE-294"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-07-04T02:15:00Z",
"severity": "HIGH"
},
"details": "Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software \u0027Sysmac Studio\u0027 all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.",
"id": "GHSA-gx2r-v5m4-v5qp",
"modified": "2022-07-16T00:00:27Z",
"published": "2022-07-05T00:00:58Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34151"
},
{
"type": "WEB",
"url": "https://jvn.jp/en/vu/JVNVU97050784/index.html"
},
{
"type": "WEB",
"url": "https://www.ia.omron.com/product/vulnerability/OMSR-2022-001_en.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.