CVE-2022-29951

Published: Jul 26, 2022Modified: Nov 21, 2024

9.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol (configurable on ports 1024-65534 on either TCP or UDP) for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing configuration settings. This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.

Affected (17)

Products: Jtekt: Pc10g Cpu Tcc 6353 Firmware, Pc10ge Tcc 6464 Firmware, Pc10p Tcc 6372 Firmware, Pc10p Dp Tcc 6726 Firmware, Pc10p Dp Io Tcc 6752 Firmware, Pc10b P Tcc 6373 Firmware, Pc10b Tcc 1021 Firmware, Pc10e Tcc 4737 Firmware, Pc10el Tcc 4747 Firmware, Plus Cpu Tcc 6740 Firmware, Pc3jx Tcc 6901 Firmware, Pc3jx D Tcc 6902 Firmware, Pc10pe Tcc 1101 Firmware, Pc10pe 1616p Tcc 1102 Firmware, Pcdl Tkc 6688 Firmware, Nano 10gx Tuc 1157 Firmware, Nano Cpu Tuc 6941 Firmware

Jtekt

17 products

Pc10g Cpu Tcc 6353 Firmware

Pc10ge Tcc 6464 Firmware

Pc10p Tcc 6372 Firmware

Pc10p Dp Tcc 6726 Firmware

Pc10p Dp Io Tcc 6752 Firmware

Pc10b P Tcc 6373 Firmware

Pc10b Tcc 1021 Firmware

Pc10e Tcc 4737 Firmware

Pc10el Tcc 4747 Firmware

Plus Cpu Tcc 6740 Firmware

Pc3jx Tcc 6901 Firmware

Pc3jx D Tcc 6902 Firmware

Pc10pe Tcc 1101 Firmware

Pc10pe 1616p Tcc 1102 Firmware

Pcdl Tkc 6688 Firmware

Nano 10gx Tuc 1157 Firmware

Nano Cpu Tuc 6941 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10g Cpu Tcc 6353 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10g Cpu Tcc 6353	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10ge Tcc 6464 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10ge Tcc 6464	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10p Tcc 6372 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10p Tcc 6372	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10p Dp Tcc 6726 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10p Dp Tcc 6726	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10p Dp Io Tcc 6752 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10p Dp Io Tcc 6752	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10b P Tcc 6373 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10b P Tcc 6373	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10b Tcc 1021 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10b Tcc 1021	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10e Tcc 4737 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10e Tcc 4737	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10el Tcc 4747 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10el Tcc 4747	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Plus Cpu Tcc 6740 Firmware	All versions

Running on/with	Platform Versions
Jtekt Plus Cpu Tcc 6740	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc3jx Tcc 6901 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc3jx Tcc 6901	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc3jx D Tcc 6902 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc3jx D Tcc 6902	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10pe Tcc 1101 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10pe Tcc 1101	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pc10pe 1616p Tcc 1102 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pc10pe 1616p Tcc 1102	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Pcdl Tkc 6688 Firmware	All versions

Running on/with	Platform Versions
Jtekt Pcdl Tkc 6688	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Nano 10gx Tuc 1157 Firmware	All versions

Running on/with	Platform Versions
Jtekt Nano 10gx Tuc 1157	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Jtekt Nano Cpu Tuc 6941 Firmware	All versions

Running on/with	Platform Versions
Jtekt Nano Cpu Tuc 6941	All versions

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (4)

https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-02

Source: cve@mitre.org

MitigationThird Party AdvisoryUS Government Resource

https://www.forescout.com/blog/

Source: cve@mitre.org

Third Party Advisory

https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-02

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationThird Party AdvisoryUS Government Resource

https://www.forescout.com/blog/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.