CVE-2022-33971

HIGH Year: 2022
CVSS v3 Score
7.5
High
CVSS v2 Score
5.4
Medium
Weakness Type
CWE-294
View all →

Vulnerability Description

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, and Machine automation controller NJ series all models V 1.48 and earlier, which may allow an adjacent attacker who can analyze the communication between the controller and the specific software used by OMRON internally to cause a denial-of-service (DoS) condition or execute a malicious program.

Related Vulnerabilities

CVE-2018-1128

HIGH
CVSS:7.5(High)

It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packe...

CWE-2942018

CVE-2018-17176

HIGH
CVSS:7.5(High)

A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode requires authentication, but once recorded, the authentication (always transmitted in cleartext) can be repla...

CWE-2942018

CVE-2018-7356

HIGH
CVSS:7.5(High)

All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attacke...

CWE-2942018

CVE-2019-12393

HIGH
CVSS:7.5(High)

Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door requests.

CWE-2942019

CVE-2019-3915

HIGH
CVSS:7.5(High)

Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept ...

CWE-2942019

CVE-2020-27374

HIGH
CVSS:7.5(High)

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to a Replay Attack to BP Monitoring.

CWE-2942020