Vulnerability Information 2022

Vulnerability List

Release Date	Database ID	Affected products	Affected customers	Affected customers	Reporter
Nov. 18, 2022	CVE-2022-2003	PLC series： DL05 DL06 DL205 DL405 SJ SJ-ETHER SZ SU SL SR-1T PZ	Customers using the affected PLC series and using the password function.	A vulnerability has been discovered that could allow a remote or local third party to steal passwords when using the password function in our PLC products.	This vulnerability was discovered by: Sam Hanson (DRAGOS, INC.)
Nov. 18, 2022	CVE-2022-2004
May. 09, 2022	JVN#50337155	HMI GC-A2 series： GC-A22W-CW GC-A24W-C(W) GC-A26W-C(W) GC-A24 GC-A24-M GC-A25 GC-A26 GC-A26-J2	Product: Screen Creator Advance 2 Version: Prior to Ver.0.1.1.3 Build01	In prior to Ver.0.1.1.3 Build01, there is a vulnerability that allows you to authenticate without entering authentication information if you try remote control while satisfying multiple conditions.	JTEKT ELECTRONICS CORPORATION formerly known as KOYO ELECTRONICS INDUSTRIES COMPANY LIMITED SQA Team
May. 09, 2022	CVE-2022-29518
Mar. 15, 2022	ZDI-22-543 ZDI-CAN-14868	Screen Creator Advance2(SCA2)	Product: Screen Creator Advance 2 Version: Ver.0.1.1.1 Build02 and earlier	Remote code execution vulnerability caused stack based buffer overflow in file parsing.	This vulnerability was discovered by: Tran Van Khang-khangkito (VinCSS) working with Trend Micro Zero Day Initiative.
Mar. 15, 2022	JVN#98676431	Screen Creator Advance2(SCA2)