CVE-2022-29951

JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP protocol (configurable on ports 1024-65534 on either TCP or UDP) for a wide variety of engineering purposes such as starting and stopping the PLC, downloading and uploading projects, and changing configuration settings. This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.
References

Link | Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-02 | Mitigation, Third Party Advisory, US Government Resource
https://www.forescout.com/blog/ | Third Party Advisory
Configurations

Configuration 1

AND
cpe:2.3:o:jtekt:pc10g-cpu_tcc-6353_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10g-cpu_tcc-6353:-:*:*:*:*:*:*:*

Configuration 2

AND
cpe:2.3:o:jtekt:pc10ge_tcc-6464_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10ge_tcc-6464:-:*:*:*:*:*:*:*

Configuration 3

AND
cpe:2.3:o:jtekt:pc10p_tcc-6372_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10p_tcc-6372:-:*:*:*:*:*:*:*

Configuration 4

AND
cpe:2.3:o:jtekt:pc10p-dp_tcc-6726_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10p-dp_tcc-6726:-:*:*:*:*:*:*:*

Configuration 5

AND
cpe:2.3:o:jtekt:pc10p-dp-io_tcc-6752_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10p-dp-io_tcc-6752:-:*:*:*:*:*:*:*

Configuration 6

AND
cpe:2.3:o:jtekt:pc10b-p_tcc-6373_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10b-p_tcc-6373:-:*:*:*:*:*:*:*

Configuration 7

AND
cpe:2.3:o:jtekt:pc10b_tcc-1021_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10b_tcc-1021:-:*:*:*:*:*:*:*

Configuration 8

AND
cpe:2.3:o:jtekt:pc10e_tcc-4737_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10e_tcc-4737:-:*:*:*:*:*:*:*

Configuration 9

AND
cpe:2.3:o:jtekt:pc10el_tcc-4747_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10el_tcc-4747:-:*:*:*:*:*:*:*

Configuration 10

AND
cpe:2.3:o:jtekt:plus_cpu_tcc-6740_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:plus_cpu_tcc-6740:-:*:*:*:*:*:*:*

Configuration 11

AND
cpe:2.3:o:jtekt:pc3jx_tcc-6901_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc3jx_tcc-6901:-:*:*:*:*:*:*:*

Configuration 12

AND
cpe:2.3:o:jtekt:pc3jx-d_tcc-6902_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc3jx-d_tcc-6902:-:*:*:*:*:*:*:*

Configuration 13

AND
cpe:2.3:o:jtekt:pc10pe_tcc-1101_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10pe_tcc-1101:-:*:*:*:*:*:*:*

Configuration 14

AND
cpe:2.3:o:jtekt:pc10pe-1616p_tcc-1102_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10pe-1616p_tcc-1102:-:*:*:*:*:*:*:*

Configuration 15

AND
cpe:2.3:o:jtekt:pcdl_tkc-6688_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pcdl_tkc-6688:-:*:*:*:*:*:*:*

Configuration 16

AND
cpe:2.3:o:jtekt:nano_10gx_tuc-1157_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:nano_10gx_tuc-1157:-:*:*:*:*:*:*:*

Configuration 17

AND
cpe:2.3:o:jtekt:nano_cpu_tuc-6941_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:nano_cpu_tuc-6941:-:*:*:*:*:*:*:*

History

02 Aug 2022, 19:49

Type Values Removed Values Added
CPE cpe:2.3:h:jtekt:pcdl_tkc-6688:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10ge_tcc-6464:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10p_tcc-6372:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc10p-dp-io_tcc-6752_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc3jx-d_tcc-6902:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pcdl_tkc-6688_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc10p-dp_tcc-6726_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:nano_10gx_tuc-1157_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10b-p_tcc-6373:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:nano_10gx_tuc-1157:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10g-cpu_tcc-6353:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10b_tcc-1021:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc3jx_tcc-6901:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc10el_tcc-4747_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10el_tcc-4747:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:plus_cpu_tcc-6740_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc10pe_tcc-1101_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10pe-1616p_tcc-1102:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:plus_cpu_tcc-6740:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc10b_tcc-1021_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10p-dp_tcc-6726:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10p-dp-io_tcc-6752:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:nano_cpu_tuc-6941_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10e_tcc-4737:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc10e_tcc-4737_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc3jx_tcc-6901_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:pc10pe_tcc-1101:-:*:*:*:*:*:*:*
cpe:2.3:h:jtekt:nano_cpu_tuc-6941:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc3jx-d_tcc-6902_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc10g-cpu_tcc-6353_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc10p_tcc-6372_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc10b-p_tcc-6373_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc10ge_tcc-6464_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:jtekt:pc10pe-1616p_tcc-1102_firmware:-:*:*:*:*:*:*:*
References | Removed: (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-02 - | Added: (MISC) https://www.cisa.gov/uscert/ics/advisories/icsa-22-172-02 - Mitigation, Third Party Advisory, US Government Resource
References | Removed: (MISC) https://www.forescout.com/blog/ - | Added: (MISC) https://www.forescout.com/blog/ - Third Party Advisory
First Time Jtekt pcdl Tkc-6688
Jtekt nano 10gx Tuc-1157
Jtekt plus Cpu Tcc-6740 Firmware
Jtekt pc10pe Tcc-1101
Jtekt plus Cpu Tcc-6740
Jtekt pc3jx-d Tcc-6902 Firmware
Jtekt
Jtekt pc10ge Tcc-6464 Firmware
Jtekt pc10ge Tcc-6464
Jtekt pc10b Tcc-1021
Jtekt pc3jx-d Tcc-6902
Jtekt pc3jx Tcc-6901
Jtekt nano 10gx Tuc-1157 Firmware
Jtekt pc10e Tcc-4737
Jtekt pc10g-cpu Tcc-6353 Firmware
Jtekt nano Cpu Tuc-6941 Firmware
Jtekt pc3jx Tcc-6901 Firmware
Jtekt pc10p-dp Tcc-6726
Jtekt pc10p Tcc-6372
Jtekt pc10p Tcc-6372 Firmware
Jtekt pc10pe-1616p Tcc-1102
Jtekt pc10p-dp Tcc-6726 Firmware
Jtekt pc10p-dp-io Tcc-6752
Jtekt pc10pe Tcc-1101 Firmware
Jtekt pc10el Tcc-4747 Firmware
Jtekt pcdl Tkc-6688 Firmware
Jtekt pc10e Tcc-4737 Firmware
Jtekt nano Cpu Tuc-6941
Jtekt pc10b-p Tcc-6373
Jtekt pc10el Tcc-4747
Jtekt pc10pe-1616p Tcc-1102 Firmware
Jtekt pc10g-cpu Tcc-6353
Jtekt pc10b-p Tcc-6373 Firmware
Jtekt pc10b Tcc-1021 Firmware
Jtekt pc10p-dp-io Tcc-6752 Firmware
CWE CWE-306
CVSS | Removed: v2 : unknown, v3 : unknown | Added: v2 : unknown, v3 : 9.1

26 Jul 2022, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-07-26 22:15

Updated : 2024-02-09 03:16


NVD link : CVE-2022-29951

Mitre link : CVE-2022-29951

CVE.ORG link : CVE-2022-29951



Products Affected

jtekt

  • pc3jx_tcc-6901_firmware
  • pc3jx-d_tcc-6902
  • pc10g-cpu_tcc-6353
  • pc10b_tcc-1021_firmware
  • pc10el_tcc-4747_firmware
  • pc10pe_tcc-1101_firmware
  • pc10pe_tcc-1101
  • pc10g-cpu_tcc-6353_firmware
  • pc10e_tcc-4737_firmware
  • plus_cpu_tcc-6740_firmware
  • pc3jx_tcc-6901
  • pcdl_tkc-6688_firmware
  • pc10p_tcc-6372_firmware
  • nano_10gx_tuc-1157
  • pcdl_tkc-6688
  • pc10p-dp-io_tcc-6752_firmware
  • pc10b_tcc-1021
  • pc10b-p_tcc-6373
  • pc3jx-d_tcc-6902_firmware
  • pc10p-dp-io_tcc-6752
  • pc10b-p_tcc-6373_firmware
  • pc10pe-1616p_tcc-1102_firmware
  • pc10pe-1616p_tcc-1102
  • pc10p-dp_tcc-6726_firmware
  • nano_10gx_tuc-1157_firmware
  • pc10p-dp_tcc-6726
  • nano_cpu_tuc-6941_firmware
  • plus_cpu_tcc-6740
  • pc10ge_tcc-6464
  • pc10el_tcc-4747
  • nano_cpu_tuc-6941
  • pc10p_tcc-6372
  • pc10e_tcc-4737
  • pc10ge_tcc-6464_firmware
CWE
CWE-306

Missing Authentication for Critical Function