CVE-2022-29951

JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol (configurable on ports 1024-65534 on either TCP or UDP) for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing configuration settings. This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-02 Mitigation Third Party Advisory US Government Resource
https://www.forescout.com/blog/ Third Party Advisory
https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-02 Mitigation Third Party Advisory US Government Resource
https://www.forescout.com/blog/ Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:jtekt:pc10g-cpu_tcc-6353_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10g-cpu_tcc-6353:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:jtekt:pc10ge_tcc-6464_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10ge_tcc-6464:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:jtekt:pc10p_tcc-6372_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10p_tcc-6372:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:jtekt:pc10p-dp_tcc-6726_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10p-dp_tcc-6726:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:jtekt:pc10p-dp-io_tcc-6752_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10p-dp-io_tcc-6752:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:jtekt:pc10b-p_tcc-6373_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10b-p_tcc-6373:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:jtekt:pc10b_tcc-1021_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10b_tcc-1021:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:jtekt:pc10e_tcc-4737_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10e_tcc-4737:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:jtekt:pc10el_tcc-4747_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10el_tcc-4747:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:jtekt:plus_cpu_tcc-6740_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:plus_cpu_tcc-6740:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:jtekt:pc3jx_tcc-6901_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc3jx_tcc-6901:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:jtekt:pc3jx-d_tcc-6902_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc3jx-d_tcc-6902:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:jtekt:pc10pe_tcc-1101_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10pe_tcc-1101:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:jtekt:pc10pe-1616p_tcc-1102_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10pe-1616p_tcc-1102:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:jtekt:pcdl_tkc-6688_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pcdl_tkc-6688:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:jtekt:nano_10gx_tuc-1157_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:nano_10gx_tuc-1157:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:jtekt:nano_cpu_tuc-6941_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:nano_cpu_tuc-6941:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:00

Type Values Removed Values Added
References () https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-02 - Mitigation, Third Party Advisory, US Government Resource () https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-02 - Mitigation, Third Party Advisory, US Government Resource
References () https://www.forescout.com/blog/ - Third Party Advisory () https://www.forescout.com/blog/ - Third Party Advisory

Information

Published : 2022-07-26 22:15

Updated : 2024-11-21 07:00


NVD link : CVE-2022-29951

Mitre link : CVE-2022-29951

CVE.ORG link : CVE-2022-29951


JSON object : View

Products Affected

jtekt

  • pc10ge_tcc-6464
  • pc10p_tcc-6372
  • plus_cpu_tcc-6740_firmware
  • pc10pe-1616p_tcc-1102
  • pc10b_tcc-1021
  • pc10el_tcc-4747_firmware
  • pc10b_tcc-1021_firmware
  • pc10e_tcc-4737
  • nano_cpu_tuc-6941_firmware
  • pc10pe-1616p_tcc-1102_firmware
  • pc10b-p_tcc-6373_firmware
  • pc10p_tcc-6372_firmware
  • pc3jx-d_tcc-6902
  • pc3jx_tcc-6901
  • pc10p-dp-io_tcc-6752
  • pcdl_tkc-6688_firmware
  • nano_10gx_tuc-1157_firmware
  • plus_cpu_tcc-6740
  • pc10el_tcc-4747
  • nano_10gx_tuc-1157
  • nano_cpu_tuc-6941
  • pc10g-cpu_tcc-6353
  • pc10g-cpu_tcc-6353_firmware
  • pc10p-dp_tcc-6726_firmware
  • pc10pe_tcc-1101
  • pc10e_tcc-4737_firmware
  • pc10p-dp-io_tcc-6752_firmware
  • pc10ge_tcc-6464_firmware
  • pc10b-p_tcc-6373
  • pcdl_tkc-6688
  • pc10p-dp_tcc-6726
  • pc3jx-d_tcc-6902_firmware
  • pc10pe_tcc-1101_firmware
  • pc3jx_tcc-6901_firmware
CWE
CWE-306

Missing Authentication for Critical Function