Unknown
CVE-2022-33208
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2022-33208
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software ‘Sysmac Studio’ all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who can analyze the communication between the affected controller and automation software ‘Sysmac Studio’ and/or a Programmable Terminal (PT) to access the controller.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- na5-12w firmware,
- na5-15w firmware,
- na5-7w firmware,
- na5-9w firmware,
- nj-pa3001 firmware,
- nj-pd3001 firmware,
- nj101-1000 firmware,
- nj101-1020 firmware,
- nj101-9000 firmware,
- nj101-9020 firmware,
- nj301-1100 firmware,
- nj301-1200 firmware,
- nj501-1300 firmware,
- nj501-1320 firmware,
- nj501-1340 firmware,
- nj501-140 firmware,
- nj501-1420 firmware,
- nj501-1500 firmware,
- nj501-1520 firmware,
- nj501-4300 firmware,
- nj501-4310 firmware,
- nj501-4320 firmware,
- nj501-4400 firmware,
- nj501-4500 firmware,
- nj501-5300 firmware,
- nj501-r300 firmware,
- nj501-r320 firmware,
- nj501-r400 firmware,
- nj501-r420 firmware,
- nj501-r500 firmware,
- nj501-r520 firmware,
- nx102-1000 firmware,
- nx102-1020 firmware,
- nx102-1100 firmware,
- nx102-1120 firmware,
- nx102-1200 firmware,
- nx102-1220 firmware,
- nx102-9020 firmware,
- nx1p2-1040dt firmware,
- nx1p2-1040dt1 firmware,
- nx1p2-1140dt firmware,
- nx1p2-1140dt1 firmware,
- nx1p2-9024dt firmware,
- nx1p2-9024dt1 firmware,
- nx1w-adb21 firmware,
- nx1w-cif01 firmware,
- nx1w-cif11 firmware,
- nx1w-cif12 firmware,
- nx1w-dab21v firmware,
- nx1w-mab221 firmware,
- nx701-1600 firmware,
- nx701-1620 firmware,
- nx701-1700 firmware,
- nx701-1720 firmware,
- nx701-z600 firmware,
- nx701-z700 firmware,
- sysmac studio
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
