CVE-2022-29951 : JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the

JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol (configurable on ports 1024-65534 on either TCP or UDP) for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing configuration settings. This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.

Published 2022-07-26 22:15:11

Updated 2024-10-27 15:35:02

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2022-29951

Jtekt » Pc10g-cpu Tcc-6353 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc10g-cpu_tcc-6353_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc10g-cpu Tcc-6353 » Version: N/A
Jtekt » Pc10ge Tcc-6464 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc10ge_tcc-6464_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc10ge Tcc-6464 » Version: N/A
Jtekt » Pc10p Tcc-6372 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc10p_tcc-6372_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc10p Tcc-6372 » Version: N/A
Jtekt » Pc10p-dp Tcc-6726 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc10p-dp_tcc-6726_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc10p-dp Tcc-6726 » Version: N/A
Jtekt » Pc10p-dp-io Tcc-6752 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc10p-dp-io_tcc-6752_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc10p-dp-io Tcc-6752 » Version: N/A
Jtekt » Pc10b-p Tcc-6373 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc10b-p_tcc-6373_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc10b-p Tcc-6373 » Version: N/A
Jtekt » Pc10b Tcc-1021 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc10b_tcc-1021_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc10b Tcc-1021 » Version: N/A
Jtekt » Pc10e Tcc-4737 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc10e_tcc-4737_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc10e Tcc-4737 » Version: N/A
Jtekt » Plus Cpu Tcc-6740 Firmware » Version: N/A
cpe:2.3:o:jtekt:plus_cpu_tcc-6740_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Plus Cpu Tcc-6740 » Version: N/A
Jtekt » Pc10pe Tcc-1101 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc10pe_tcc-1101_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc10pe Tcc-1101 » Version: N/A
Jtekt » Pc10pe-1616p Tcc-1102 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc10pe-1616p_tcc-1102_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc10pe-1616p Tcc-1102 » Version: N/A
Jtekt » Nano 10gx Tuc-1157 Firmware » Version: N/A
cpe:2.3:o:jtekt:nano_10gx_tuc-1157_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Nano 10gx Tuc-1157 » Version: N/A
Jtekt » Nano Cpu Tuc-6941 Firmware » Version: N/A
cpe:2.3:o:jtekt:nano_cpu_tuc-6941_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Nano Cpu Tuc-6941 » Version: N/A
Jtekt » Pc10el Tcc-4747 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc10el_tcc-4747_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc10el Tcc-4747 » Version: N/A
Jtekt » Pc3jx Tcc-6901 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc3jx_tcc-6901_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc3jx Tcc-6901 » Version: N/A
Jtekt » Pc3jx-d Tcc-6902 Firmware » Version: N/A
cpe:2.3:o:jtekt:pc3jx-d_tcc-6902_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pc3jx-d Tcc-6902 » Version: N/A
Jtekt » Pcdl Tkc-6688 Firmware » Version: N/A
cpe:2.3:o:jtekt:pcdl_tkc-6688_firmware:-:*:*:*:*:*:*:*
Matching versions
When used together with: Jtekt » Pcdl Tkc-6688 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-29951

EPSS FAQ

0.11%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 30 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-29951

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.1	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H	3.9	5.2	134c704f-9b21-4f2e-91b3-4a467353bcc0	2024-10-27
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: High
9.1	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H	3.9	5.2	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: High

CWE ids for CVE-2022-29951

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)

References for CVE-2022-29951

https://www.forescout.com/blog/

Blog - Forescout
Third Party Advisory

CVEs referencing this url
https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-02

JTEKT TOYOPUC | CISA
Mitigation;Third Party Advisory;US Government Resource

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-29951

Products affected by CVE-2022-29951

Exploit prediction scoring system (EPSS) score for CVE-2022-29951

CVSS scores for CVE-2022-29951

CWE ids for CVE-2022-29951

References for CVE-2022-29951