CVE & CISA-KEV Catalog

CVE-2022-45790

HIGH
8.6
CVSS v3
NVD

Description

The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gain access to protected memory. This access can allow overwrite of values including programmed logic.

How to fix

Remediation Available
cj1g-cpu42p firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cj1g-cpu43p firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cj1g-cpu44p firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cj1g-cpu45p-gtc firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cj1g-cpu45p firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cj2h-cpu64-eip firmwareNVD
Affected:< 1.5Fixed in:1.5CVE-2022-45790derived from NVD
cj2h-cpu64 firmwareNVD
Affected:< 1.5Fixed in:1.5CVE-2022-45790derived from NVD
cj2h-cpu65-eip firmwareNVD
Affected:< 1.5Fixed in:1.5CVE-2022-45790derived from NVD
cj2h-cpu65 firmwareNVD
Affected:< 1.5Fixed in:1.5CVE-2022-45790derived from NVD
cj2h-cpu66-eip firmwareNVD
Affected:< 1.5Fixed in:1.5CVE-2022-45790derived from NVD
cj2h-cpu66 firmwareNVD
Affected:< 1.5Fixed in:1.5CVE-2022-45790derived from NVD
cj2h-cpu67-eip firmwareNVD
Affected:< 1.5Fixed in:1.5CVE-2022-45790derived from NVD
cj2h-cpu67 firmwareNVD
Affected:< 1.5Fixed in:1.5CVE-2022-45790derived from NVD
cj2h-cpu68-eip firmwareNVD
Affected:< 1.5Fixed in:1.5CVE-2022-45790derived from NVD
cj2h-cpu68 firmwareNVD
Affected:< 1.5Fixed in:1.5CVE-2022-45790derived from NVD
cj2m-cpu11 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cj2m-cpu12 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cj2m-cpu13 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cj2m-cpu14 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cj2m-cpu15 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cj2m-cpu31 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cj2m-cpu32 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cj2m-cpu33 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cj2m-cpu34 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cj2m-cpu35 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cj2m-md211 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cj2m-md212 firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cp1e-e firmwareNVD
Affected:< 1.3Fixed in:1.3CVE-2022-45790derived from NVD
cp1e-n firmwareNVD
Affected:< 1.3Fixed in:1.3CVE-2022-45790derived from NVD
cs1d-cpu42s firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cs1d-cpu44s firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cs1d-cpu65h firmwareNVD
Affected:< 1.4Fixed in:1.4CVE-2022-45790derived from NVD
cs1d-cpu65p firmwareNVD
Affected:< 1.4Fixed in:1.4CVE-2022-45790derived from NVD
cs1d-cpu65s firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cs1d-cpu67h firmwareNVD
Affected:< 1.4Fixed in:1.4CVE-2022-45790derived from NVD
cs1d-cpu67p firmwareNVD
Affected:< 1.4Fixed in:1.4CVE-2022-45790derived from NVD
cs1d-cpu67s firmwareNVD
Affected:< 2.1Fixed in:2.1CVE-2022-45790derived from NVD
cs1g-cpu42h firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cs1g-cpu43h firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cs1g-cpu44h firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cs1g-cpu45h firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cs1h-cpu63h firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cs1h-cpu64h firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cs1h-cpu65h firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cs1h-cpu66h firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD
cs1h-cpu67h firmwareNVD
Affected:< 4.1Fixed in:4.1CVE-2022-45790derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeChanged

Impact

ConfidentialityNone
IntegrityHigh
AvailabilityNone

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

Exploit Intelligence

0.70%probability of exploitation in 30 days
49thpercentile

Moderate risk: more likely to be exploited than 49% of all known CVEs.

References

Vendor Advisory1
Third-Party Advisory2

Related Vulnerabilities

Other CWE-307 vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2019-17240Critical9.840%--
CVE-2023-29301High7.529%--
CVE-2023-22960High7.528%-Fix
CVE-2020-15906Critical9.827%-Fix
CVE-2016-9361Critical9.820%--
CVE-2024-39225Critical9.815%--
Embed a live status badge for CVE-2022-45790
CVE-2022-45790 severity badge

Markdown

[![CVE-2022-45790](https://tridentstack.com/cve/badge/CVE-2022-45790.svg)](https://tridentstack.com/cve/CVE-2022-45790)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-45790"><img src="https://tridentstack.com/cve/badge/CVE-2022-45790.svg" alt="CVE-2022-45790"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.