CVE & CISA-KEV Catalog

CVE-2022-31206

CRITICAL
9.8
CVSS v3
NVD

Description

The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software (which compiles IEC 61131-3 conformant POU code to native machine code for execution by the PLC's runtime). The resulting machine code is executed by a runtime, typically controlled by a real-time operating system. The logic that is downloaded to the PLC does not seem to be cryptographically authenticated, allowing an attacker to manipulate transmitted object code to the PLC and execute arbitrary machine code on the processor of the PLC's CPU module in the context of the runtime. In the case of at least the NJ series, an RTOS and hardware combination is used that would potentially allow for memory protection and privilege separation and thus limit the impact of code execution. However, it was not confirmed whether these sufficiently segment the runtime from the rest of the RTOS.

How to fix

Remediation Available
nj101-1000 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj101-1020 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj101-9000 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj101-9020 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj301-1100 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj301-1200 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-1300 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-1320 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-1340 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-1400 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-1420 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-1500 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-1520 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-4300 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-4320 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-4400 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-4500 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-5300-1 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nj501-5300 firmwareNVD
Affected:< 1.49Fixed in:1.49CVE-2022-31206derived from NVD
nx701-1600 firmwareNVD
Affected:< 1.29Fixed in:1.29CVE-2022-31206derived from NVD
nx701-1620 firmwareNVD
Affected:< 1.29Fixed in:1.29CVE-2022-31206derived from NVD
nx701-1700 firmwareNVD
Affected:< 1.29Fixed in:1.29CVE-2022-31206derived from NVD
nx701-1720 firmwareNVD
Affected:< 1.29Fixed in:1.29CVE-2022-31206derived from NVD
nx701-z600 firmwareNVD
Affected:< 1.29Fixed in:1.29CVE-2022-31206derived from NVD
nx701-z700 firmwareNVD
Affected:< 1.29Fixed in:1.29CVE-2022-31206derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

0.86%probability of exploitation in 30 days
54thpercentile

Moderate risk: more likely to be exploited than 54% of all known CVEs.

References

Third-Party Advisory2

Related Vulnerabilities

Other CWE-347 vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2018-16042Medium6.582%--
CVE-2025-59718Critical9.866%KEVFix
CVE-2025-25292Critical9.864%-Fix
CVE-2021-22160Critical9.853%-Fix
CVE-2013-3900Medium5.545%KEV-
CVE-2018-0114High7.543%-Fix
Embed a live status badge for CVE-2022-31206
CVE-2022-31206 severity badge

Markdown

[![CVE-2022-31206](https://tridentstack.com/cve/badge/CVE-2022-31206.svg)](https://tridentstack.com/cve/CVE-2022-31206)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-31206"><img src="https://tridentstack.com/cve/badge/CVE-2022-31206.svg" alt="CVE-2022-31206"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.