Cyber Resilience

CVE-2022-31206

Critical

Published: 26 July 2022

Published
26 July 2022
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0031 54.7th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-31206 is a critical-severity Improper Verification of Cryptographic Signature (CWE-347) vulnerability in Omron Nx701-1600 Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 45.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

The Omron SYSMAC Nx product family PLCs (NJ series, NY series, NX series, and PMAC series) through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software (which compiles IEC 61131-3 conformant POU code to native…

more

machine code for execution by the PLC's runtime). The resulting machine code is executed by a runtime, typically controlled by a real-time operating system. The logic that is downloaded to the PLC does not seem to be cryptographically authenticated, allowing an attacker to manipulate transmitted object code to the PLC and execute arbitrary machine code on the processor of the PLC's CPU module in the context of the runtime. In the case of at least the NJ series, an RTOS and hardware combination is used that would potentially allow for memory protection and privilege separation and thus limit the impact of code execution. However, it was not confirmed whether these sufficiently segment the runtime from the rest of the RTOS.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

omron
nx701-1600 firmware
≤ 1.29
omron
nx701-1620 firmware
≤ 1.29
omron
nx701-1700 firmware
≤ 1.29
omron
nx701-1720 firmware
≤ 1.29
omron
nx701-z600 firmware
≤ 1.29
omron
nx701-z700 firmware
≤ 1.29
omron
nj101-1000 firmware
≤ 1.49
omron
nj101-1020 firmware
≤ 1.49
omron
nj101-9000 firmware
≤ 1.49
omron
nj101-9020 firmware
≤ 1.49
+15 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-347

Requires verification of digital signatures using organization-approved certificates before installation, directly preventing improper verification of cryptographic signatures.

addresses: CWE-347

Component authenticity commonly depends on cryptographic signatures; the control enforces proper verification of those signatures.

addresses: CWE-347

PKI certificates under an approved policy require cryptographic signature verification on issuance and validation.

addresses: CWE-347

Requires cryptographic signatures on authoritative data and support for verifying the chain of trust.

addresses: CWE-347

Mandates verification of cryptographic signatures (e.g., DNSSEC RRSIG) on resolution responses, addressing missing or bypassed signature checks.

addresses: CWE-347

Integrity tools commonly rely on cryptographic signatures whose improper validation this weakness covers.

addresses: CWE-347

Authenticity validation commonly relies on cryptographic signature or certificate checks that this control enforces.

References