CVE-2022-33971

04.07.2022, 02:15

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow an adjacent attacker who can analyze the communication between the controller and the specific software used by OMRON internally to cause a denial-of-service (DoS) condition or execute a malicious program.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	ADJACENT_NETWORK	HIGH	NONE	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
jpcert	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 3%

Vendor	Product	Version
omron	nx701-1600_firmware	𝑥 ≤ 1.28
omron	nx701-1700_firmware	𝑥 ≤ 1.28
omron	nx701-z700_firmware	𝑥 ≤ 1.28
omron	nx701-z600_firmware	𝑥 ≤ 1.28
omron	nx701-1720_firmware	𝑥 ≤ 1.28
omron	nx701-1620_firmware	𝑥 ≤ 1.28
omron	nx102-1200_firmware	𝑥 ≤ 1.48
omron	nx102-1100_firmware	𝑥 ≤ 1.48
omron	nx102-1000_firmware	𝑥 ≤ 1.48
omron	nx102-1220_firmware	𝑥 ≤ 1.48
omron	nx102-1120_firmware	𝑥 ≤ 1.48
omron	nx102-1020_firmware	𝑥 ≤ 1.48
omron	nx102-9020_firmware	𝑥 ≤ 1.48
omron	nx1p2-1140dt_firmware	𝑥 ≤ 1.48
omron	nx1p2-1140dt1_firmware	𝑥 ≤ 1.48
omron	nx1p2-1040dt_firmware	𝑥 ≤ 1.48
omron	nx1p2-1040dt1_firmware	𝑥 ≤ 1.48
omron	nx1p2-9024dt_firmware	𝑥 ≤ 1.48
omron	nx1p2-9024dt1_firmware	𝑥 ≤ 1.48
omron	nx1w-cif01_firmware	𝑥 ≤ 1.48
omron	nx1w-cif11_firmware	𝑥 ≤ 1.48
omron	nx1w-cif12_firmware	𝑥 ≤ 1.48
omron	nx1w-adb21_firmware	𝑥 ≤ 1.48
omron	nx1w-dab21v_firmware	𝑥 ≤ 1.48
omron	nx1w-mab221_firmware	𝑥 ≤ 1.48
omron	nj501-1500_firmware	𝑥 ≤ 1.48
omron	nj501-140_firmware	𝑥 ≤ 1.48
omron	nj501-1300_firmware	𝑥 ≤ 1.48
omron	nj501-r500_firmware	𝑥 ≤ 1.48
omron	nj501-r520_firmware	𝑥 ≤ 1.48
omron	nj501-r400_firmware	𝑥 ≤ 1.48
omron	nj501-r420_firmware	𝑥 ≤ 1.48
omron	nj501-r300_firmware	𝑥 ≤ 1.48
omron	nj501-r320_firmware	𝑥 ≤ 1.48
omron	nj501-5300_firmware	𝑥 ≤ 1.48
omron	nj501-1520_firmware	𝑥 ≤ 1.48
omron	nj501-1420_firmware	𝑥 ≤ 1.48
omron	nj501-1320_firmware	𝑥 ≤ 1.48
omron	nj101-1020_firmware	𝑥 ≤ 1.48
omron	nj101-9020_firmware	𝑥 ≤ 1.48
omron	nj501-1340_firmware	𝑥 ≤ 1.48
omron	nj501-4500_firmware	𝑥 ≤ 1.48
omron	nj501-4400_firmware	𝑥 ≤ 1.48
omron	nj501-4300_firmware	𝑥 ≤ 1.48
omron	nj501-4310_firmware	𝑥 ≤ 1.48
omron	nj501-4320_firmware	𝑥 ≤ 1.48
omron	nj301-1200_firmware	𝑥 < 1.48
omron	nj301-1100_firmware	𝑥 ≤ 1.48
omron	nj101-1000_firmware	𝑥 ≤ 1.48
omron	nj101-9000_firmware	𝑥 ≤ 1.48
omron	nj-pa3001_firmware	𝑥 ≤ 1.48
omron	nj-pd3001_firmware	𝑥 ≤ 1.48

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-294 - Authentication Bypass by Capture-replay
A capture-replay flaw exists when the design of the software makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

References

https://jvn.jp/en/vu/JVNVU97050784/index.html

https://www.ia.omron.com/product/vulnerability/OMSR-2022-002_en.pdf

https://jvn.jp/en/vu/JVNVU97050784/index.html

https://www.ia.omron.com/product/vulnerability/OMSR-2022-002_en.pdf