CVE-2022-45794

An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
DragosCNA
8.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
VendorProductVersion
omronsysmac_cj2h-cpu64-eip_firmware
-
omronsysmac_cj2h-cpu64_firmware
-
omronsysmac_cj2h-cpu65-eip_firmware
-
omronsysmac_cj2h-cpu65_firmware
-
omronsysmac_cj2h-cpu66-eip_firmware
-
omronsysmac_cj2h-cpu66_firmware
-
omronsysmac_cj2h-cpu67-eip_firmware
-
omronsysmac_cj2h-cpu67_firmware
-
omronsysmac_cj2h-cpu68-eip_firmware
-
omronsysmac_cj2h-cpu68_firmware
-
omronsysmac_cj2m-cpu11_firmware
-
omronsysmac_cj2m-cpu12_firmware
-
omronsysmac_cj2m-cpu13_firmware
-
omronsysmac_cj2m-cpu14_firmware
-
omronsysmac_cj2m-cpu15_firmware
-
omronsysmac_cj2m-cpu31_firmware
-
omronsysmac_cj2m-cpu32_firmware
-
omronsysmac_cj2m-cpu33_firmware
-
omronsysmac_cj2m-cpu34_firmware
-
omronsysmac_cj2m-cpu35_firmware
-
omronsysmac_cj1g-cpu45p_firmware
-
omronsysmac_cj1g-cpu44p_firmware
-
omronsysmac_cj1g-cpu43p_firmware
-
omronsysmac_cj1g-cpu42p_firmware
-
omronsysmac_cs1h-cpu63h_firmware
-
omronsysmac_cs1h-cpu65h_firmware
-
omronsysmac_cs1h-cpu67h_firmware
-
omronsysmac_cs1h-cpu64h_firmware
-
omronsysmac_cs1h-cpu66h_firmware
-
omronsysmac_cs1g-cpu44h_firmware
-
omronsysmac_cs1g-cpu43h_firmware
-
omronsysmac_cs1g-cpu42h_firmware
-
omronsysmac_cs1g-cpu45h_firmware
-
omronsysmac_cs1d-cpu65h_firmware
-
omronsysmac_cs1d-cpu67h_firmware
-
omronsysmac_cs1d-cpu68ha_firmware
-
omronsysmac_cs1d-cpu67ha_firmware
-
omronsysmac_cs1d-cpu65p_firmware
-
omronsysmac_cs1d-cpu67sa_firmware
-
omronsysmac_cs1d-cpu44sa_firmware
-
omronsysmac_cs1d-cpu67p_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/
https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-002_en.pdf
https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/
https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-002_en.pdf