CVE-2022-31206
Summary
| CVE | CVE-2022-31206 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-07-26 22:15:00 UTC |
| Updated | 2022-08-04 15:01:00 UTC |
| Description | The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software (which compiles IEC 61131-3 conformant POU code to native machine code for execution by the PLC's runtime). The resulting machine code is executed by a runtime, typically controlled by a real-time operating system. The logic that is downloaded to the PLC does not seem to be cryptographically authenticated, allowing an attacker to manipulate transmitted object code to the PLC and execute arbitrary machine code on the processor of the PLC's CPU module in the context of the runtime. In the case of at least the NJ series, an RTOS and hardware combination is used that would potentially allow for memory protection and privilege separation and thus limit the impact of code execution. However, it was not confirmed whether these sufficiently segment the runtime from the rest of the RTOS. |
Risk And Classification
Problem Types: CWE-347
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Omron | Nj101-1000 | - | All | All | All |
| Operating System | Omron | Nj101-1000 Firmware | All | All | All | All |
| Hardware | Omron | Nj101-1020 | - | All | All | All |
| Operating System | Omron | Nj101-1020 Firmware | All | All | All | All |
| Hardware | Omron | Nj101-9000 | - | All | All | All |
| Operating System | Omron | Nj101-9000 Firmware | All | All | All | All |
| Hardware | Omron | Nj101-9020 | - | All | All | All |
| Operating System | Omron | Nj101-9020 Firmware | All | All | All | All |
| Hardware | Omron | Nj301-1100 | - | All | All | All |
| Operating System | Omron | Nj301-1100 Firmware | All | All | All | All |
| Hardware | Omron | Nj301-1200 | - | All | All | All |
| Operating System | Omron | Nj301-1200 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-1300 | - | All | All | All |
| Operating System | Omron | Nj501-1300 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-1320 | - | All | All | All |
| Operating System | Omron | Nj501-1320 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-1340 | - | All | All | All |
| Operating System | Omron | Nj501-1340 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-1400 | - | All | All | All |
| Operating System | Omron | Nj501-1400 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-1420 | - | All | All | All |
| Operating System | Omron | Nj501-1420 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-1500 | - | All | All | All |
| Operating System | Omron | Nj501-1500 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-1520 | - | All | All | All |
| Operating System | Omron | Nj501-1520 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-4300 | - | All | All | All |
| Operating System | Omron | Nj501-4300 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-4320 | - | All | All | All |
| Operating System | Omron | Nj501-4320 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-4400 | - | All | All | All |
| Operating System | Omron | Nj501-4400 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-4500 | - | All | All | All |
| Operating System | Omron | Nj501-4500 Firmware | All | All | All | All |
| Hardware | Omron | Nj501-5300 | - | All | All | All |
| Hardware | Omron | Nj501-5300-1 | - | All | All | All |
| Operating System | Omron | Nj501-5300-1 Firmware | All | All | All | All |
| Operating System | Omron | Nj501-5300 Firmware | All | All | All | All |
| Hardware | Omron | Nx701-1600 | - | All | All | All |
| Operating System | Omron | Nx701-1600 Firmware | All | All | All | All |
| Hardware | Omron | Nx701-1620 | - | All | All | All |
| Operating System | Omron | Nx701-1620 Firmware | All | All | All | All |
| Hardware | Omron | Nx701-1700 | - | All | All | All |
| Operating System | Omron | Nx701-1700 Firmware | All | All | All | All |
| Hardware | Omron | Nx701-1720 | - | All | All | All |
| Operating System | Omron | Nx701-1720 Firmware | All | All | All | All |
| Hardware | Omron | Nx701-z600 | - | All | All | All |
| Operating System | Omron | Nx701-z600 Firmware | All | All | All | All |
| Hardware | Omron | Nx701-z700 | - | All | All | All |
| Operating System | Omron | Nx701-z700 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Omron SYSMAC CS/CJ/CP Series and NJ/NX Series | CISA | MISC | www.cisa.gov | |
| Blog - Forescout | MISC | www.forescout.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 591099 Omron SYSMAC CS/CJ/CP Series and NJ/NX Series Multiple Vulnerabilities (icsa-22-179-02)