ГлавнаяУязвимости → CVE-2022-45794
8.6высокая

CVE-2022-45794

Описание

An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions) may use a network protocol to read and write files on the PLC internal memory and memory card.

Затрагиваемое ПО
Omron Sysmac cj2h-cpu64-eip firmwareOmron Sysmac cj2h-cpu64-eipOmron Sysmac cj2h-cpu64 firmwareOmron Sysmac cj2h-cpu64Omron Sysmac cj2h-cpu65-eip firmwareOmron Sysmac cj2h-cpu65-eipOmron Sysmac cj2h-cpu65 firmwareOmron Sysmac cj2h-cpu65Omron Sysmac cj2h-cpu66-eip firmwareOmron Sysmac cj2h-cpu66-eipOmron Sysmac cj2h-cpu66 firmwareOmron Sysmac cj2h-cpu66Omron Sysmac cj2h-cpu67-eip firmwareOmron Sysmac cj2h-cpu67-eipOmron Sysmac cj2h-cpu67 firmwareOmron Sysmac cj2h-cpu67Omron Sysmac cj2h-cpu68-eip firmwareOmron Sysmac cj2h-cpu68-eipOmron Sysmac cj2h-cpu68 firmwareOmron Sysmac cj2h-cpu68Omron Sysmac cj2m-cpu11 firmwareOmron Sysmac cj2m-cpu11Omron Sysmac cj2m-cpu12 firmwareOmron Sysmac cj2m-cpu12Omron Sysmac cj2m-cpu13 firmware
CVSS
Балл8.6 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Источники
https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-002_en.pdfhttps://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-002_en.pdf