CVE-2022-29951
Severity CVSS v4.0:
Pending analysis
Type:
CWE-306
Missing Authentication for Critical Function
Publication date:
26/07/2022
Last modified:
27/10/2024
Description
JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol (configurable on ports 1024-65534 on either TCP or UDP) for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing configuration settings. This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.
Impact
Base Score 3.x
9.10
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:jtekt:pc10g-cpu_tcc-6353_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:jtekt:pc10g-cpu_tcc-6353:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:jtekt:pc10ge_tcc-6464_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:jtekt:pc10ge_tcc-6464:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:jtekt:pc10p_tcc-6372_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:jtekt:pc10p_tcc-6372:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:jtekt:pc10p-dp_tcc-6726_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:jtekt:pc10p-dp_tcc-6726:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:jtekt:pc10p-dp-io_tcc-6752_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:jtekt:pc10p-dp-io_tcc-6752:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:jtekt:pc10b-p_tcc-6373_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:jtekt:pc10b-p_tcc-6373:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:jtekt:pc10b_tcc-1021_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:jtekt:pc10b_tcc-1021:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:jtekt:pc10e_tcc-4737_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page