CVE-2022-45790

CVSS V2 None CVSS V3 None

Description

The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic.

Overview

CVE ID
CVE-2022-45790

Assigner
Dragos

Vulnerability Status
PUBLISHED

Published Version
2024-01-22T17:22:14.476Z

Last Modified Date
2024-01-22T17:22:14.476Z

Weakness Enumerations

CWE	URL
CWE-307	http://cwe.mitre.org/data/definitions/307.html

References

Reference URL	Reference Tags
https://www.cisa.gov/news-events/ics-advisories/icsa-23-262-05
https://www.fa.omron.co.jp/product/security/assets/pdf/en/OMSR-2023-010_en.pdf
https://www.dragos.com/advisory/omron-plc-and-engineering-software-network-and-file-format-access/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-45790
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45790

History

Created	Old Value	New Value	Data Type	Notes
2024-06-24 17:52:11				Added to TrackCVE