CVE-2022-34151
published 2022-07-04CVE-2022-34151: Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7…
PriorityP277high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
1.09%
61.3th percentile
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.
Affected
57 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| omron | na5-12w_firmware | <= 1.15 | — |
| omron | na5-15w_firmware | <= 1.15 | — |
| omron | na5-7w_firmware | <= 1.15 | — |
| omron | na5-9w_firmware | <= 1.15 | — |
| omron | nj-pa3001_firmware | <= 1.48 | — |
| omron | nj-pd3001_firmware | <= 1.48 | — |
| omron | nj101-1000_firmware | <= 1.48 | — |
| omron | nj101-1020_firmware | <= 1.48 | — |
| omron | nj101-9000_firmware | <= 1.48 | — |
| omron | nj101-9020_firmware | <= 1.48 | — |
| omron | nj301-1100_firmware | <= 1.48 | — |
| omron | nj301-1200_firmware | < 1.48 | 1.48 |
| omron | nj501-1300_firmware | <= 1.48 | — |
| omron | nj501-1320_firmware | <= 1.48 | — |
| omron | nj501-1340_firmware | <= 1.48 | — |
| omron | nj501-140_firmware | <= 1.48 | — |
| omron | nj501-1420_firmware | <= 1.48 | — |
| omron | nj501-1500_firmware | <= 1.48 | — |
| omron | nj501-1520_firmware | <= 1.48 | — |
| omron | nj501-4300_firmware | <= 1.48 | — |
| omron | nj501-4310_firmware | <= 1.48 | — |
| omron | nj501-4320_firmware | <= 1.48 | — |
| omron | nj501-4400_firmware | <= 1.48 | — |
| omron | nj501-4500_firmware | <= 1.48 | — |
| omron | nj501-5300_firmware | <= 1.48 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2022-34151 has a CVSS v3 base score of 9.4 (AV:N/AC:L/PR:N/UI:N) and public exploits are available. Prioritize detection of unauthenticated remote HTTP access to Omron controller CGI endpoints. ↗
- →BADOMEN targets Omron NX/NJ series controllers. Anomalous communications to the controller's HTTP server from non-Sysmac Studio sources should be treated as suspicious, as BADOMEN mimics the same CGI endpoints used by legitimate Sysmac Studio software. ↗
- ·The hard-coded credentials are embedded in the affected Omron NX/NJ controller firmware and Sysmac Studio software. An attacker must first extract credentials by analyzing the affected product before exploiting this vulnerability remotely. ↗
- ·BADOMEN cannot manipulate Omron Safety Controllers in its current form, but Dragos assesses this is likely the next step in its development. ↗
- ·After a BADOMEN-induced controller crash, SD card restore may fail but can inadvertently re-enable Program Mode, allowing factory reset and logic restoration. Defenders should be aware recovery may be non-trivial. ↗
CVSS provenance
nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vulncheck8.1HIGH
vendor_redhat7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gx2r-v5m4-v5qp: Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1
ghsa_unreviewed·2022-07-05
CVE-2022-34151 [HIGH] CWE-294 GHSA-gx2r-v5m4-v5qp: Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.
VulnCheck
omron nx701-1600_firmware Use of Hard-coded Credentials
vulncheck·2022·CVSS 8.1
CVE-2022-34151 [HIGH] omron nx701-1600_firmware Use of Hard-coded Credentials
omron nx701-1600_firmware Use of Hard-coded Credentials
Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.
Affected: omron nx701-1600_firmware
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or
Red Hat
ImageMagick: Undefined behaviors of casting double to size_t in svg, mvg and other coders
vendor_redhat·2023-05-29·CVSS 7.8
CVE-2023-34151 [HIGH] CWE-190 ImageMagick: Undefined behaviors of casting double to size_t in svg, mvg and other coders
ImageMagick: Undefined behaviors of casting double to size_t in svg, mvg and other coders
A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).
A vulnerability was found in ImageMagick. This issue occurs as an undefined behavior, casting double to size_t in svg, mvg and other coders.
Package: ImageMagick (Red Hat Enterprise Linux 6) - Out of support scope
Package: ImageMagick (Red Hat Enterprise Linux 7) - Out of support scope
CISA ICS
Omron NJ/NX-series Machine Automation Controllers
cisa_ics·2022-11-14
Omron NJ/NX-series Machine Automation Controllers
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Omron NJ/NX-series Machine Automation Controllers
Last RevisedNovember 14, 2022
Alert CodeICSA-22-314-08
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.4
- ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
- Vendor: Omron
- Equipment: NJ/NX-series Controllers and Software
- Vulnerabilities: Hard-coded Credentials, Authentication Bypass by Capture-replay
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities may allow an attacker to bypass authentication in the communications connection process to login and operate the controller produ
No detection rules found.
No public exploits indexed.
Dragos
OT Security Advisories
blogs_dragos·2025-09-17·CVSS 7.5
CVE-2024-432057 [HIGH] OT Security Advisories
## OT Security Advisories
## These advisories cover OT/ICS vulnerabilities discovered and disclosed by Dragos as an authorized CVE Numbering Authority (CNA).
Threat Level
Name
CVE ID
Vulnerability Type
Affects
Limited Threat
Maples Systems/Weintek HMI Panel and EBPro Software Vulnerabilities
CVE-2024-432057
CVE-2024-7710
Incorrect Permission Assignment for Critical Resource
Integrity check fails to identify out-of-band logic changes
Maple Systems and Weintek Brand HMI panels: iP Series: All versions, all models
iE Series: All versions, all models
eMT Series: All versions, all models
XE Series: All versions, all models
mTV Series: All versions, all models
Maple Systems and Weintek Brand HMI panels: iP Series: All versions, all models
iE Series: All versions, all models
eMT Ser
Dragos
Analyzing PIPEDREAM: Results from Runtime Testing
blogs_dragos·2022-10-27
Analyzing PIPEDREAM: Results from Runtime Testing
OT Cybersecurity Basics Build a stronger OT security strategy
5 Critical Controls SANS ICS framework for defense
Industrial Risk Management Quantifying OT risk and dependencies
Monitoring Threat Groups Know your adversary
Year in Review Report 9th annual threat report
OT Compliance NIS2, CAF v4, SOCI/SONS, TSA, & more
NERC CIP Dragos Alignment
INSM Compliance Path for NERC-CIP-015
RESOURCES
Threat Reports
Whitepapers
Datasheets
Solution Briefs
Case Studies
Blog
Webinars
Dragos Industrial Security Conference
COMMUNITY
OT-CERT Program
Community Defense Program
DRAGOS ACADEMY
On-Demand Training
About Dragos Safeguarding civilization
Leadership Experts in defense
Newsroom Up-to-date cyber news
Careers Current job openings
Event Calendar Connect in person
Dragos Indus
2022-07-04
Published
Exploited in the wild