All the vulnerabilites related to Yokogawa - ProSafe-RS
cve-2019-5909
Vulnerability from cvelistv5
Published
2019-02-13 18:00
Modified
2024-08-04 20:09
Severity ?
Summary
License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03)) allows remote attackers to bypass access restriction to send malicious files to the PC where License Manager Service runs via unspecified vectors.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:09:23.659Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://web-material3.yokogawa.com/1/20653/files/YSAR-19-0001-E.pdf"
          },
          {
            "name": "106772",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106772"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://jvn.jp/vu/JVNVU99147082/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "License Manager Service of YOKOGAWA products",
          "vendor": "Yokogawa Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "(CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03))"
            }
          ]
        }
      ],
      "datePublic": "2019-02-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03)) allows remote attackers to bypass access restriction to send malicious files to the PC where License Manager Service runs via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authentication Bypass by Assumed-Immutable Data",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-02-14T10:57:01",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://web-material3.yokogawa.com/1/20653/files/YSAR-19-0001-E.pdf"
        },
        {
          "name": "106772",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106772"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://jvn.jp/vu/JVNVU99147082/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2019-5909",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "License Manager Service of YOKOGAWA products",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "(CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03))"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Yokogawa Electric Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03)) allows remote attackers to bypass access restriction to send malicious files to the PC where License Manager Service runs via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authentication Bypass by Assumed-Immutable Data"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://web-material3.yokogawa.com/1/20653/files/YSAR-19-0001-E.pdf",
              "refsource": "MISC",
              "url": "https://web-material3.yokogawa.com/1/20653/files/YSAR-19-0001-E.pdf"
            },
            {
              "name": "106772",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106772"
            },
            {
              "name": "http://jvn.jp/vu/JVNVU99147082/index.html",
              "refsource": "MISC",
              "url": "http://jvn.jp/vu/JVNVU99147082/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2019-5909",
    "datePublished": "2019-02-13T18:00:00",
    "dateReserved": "2019-01-10T00:00:00",
    "dateUpdated": "2024-08-04T20:09:23.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-5626
Vulnerability from cvelistv5
Published
2020-02-05 18:46
Modified
2024-08-06 06:59
Severity ?
Summary
Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (network-communications outage) via a crafted packet.
Impacted products
Vendor Product Version
Yokogawa CENTUM CS 3000 Version: R3.09.50 and earlier
Yokogawa CENTUM CS 3000 Entry Version: R3.09.50 and earlier
Yokogawa CENTUM VP Version: R5.04.20 and earlier
Yokogawa CENTUM VP Entry Version: R5.04.20 and earlier
Yokogawa ProSafe-RS Version: R3.02.10 and earlier
Yokogawa Exaopc Version: R3.72.00 and earlier
Yokogawa Exaquantum Version: R2.85.00 and earlier
Yokogawa Exaquantum/Batch Version: R2.50.30 and earlier
Yokogawa Exapilot Version: R3.96.10 and earlier
Yokogawa Exaplog Version: R3.40.00 and earlier
Yokogawa Exasmoc Version: R4.03.20 and earlier
Yokogawa Exarqe Version: R4.03.20 and earlier
Yokogawa Field Wireless Device OPC Server Version: R2.01.02 and earlier
Yokogawa PRM Version: R3.12.00 and earlier
Yokogawa STARDOM VDS Version: R7.30.01 and earlier
Yokogawa STARDOM OPC Server for Windows Version: R3.40 and earlier
Yokogawa FAST/TOOLS Version: R10.01 and earlier
Yokogawa B/M9000CS Version: R5.05.01 and earlier
Yokogawa B/M9000 VP Version: R7.03.04 and earlier
Yokogawa FieldMate Version: R1.01
Version: R1.02
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:59:02.787Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "CENTUM CS 1000",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.08.70 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM CS 3000",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.09.50 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM CS 3000 Entry",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.09.50 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM VP",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R5.04.20 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM VP Entry",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R5.04.20 and earlier"
            }
          ]
        },
        {
          "product": "ProSafe-RS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.02.10 and earlier"
            }
          ]
        },
        {
          "product": "Exaopc",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.72.00 and earlier"
            }
          ]
        },
        {
          "product": "Exaquantum",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R2.85.00 and earlier"
            }
          ]
        },
        {
          "product": "Exaquantum/Batch",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R2.50.30 and earlier"
            }
          ]
        },
        {
          "product": "Exapilot",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.96.10 and earlier"
            }
          ]
        },
        {
          "product": "Exaplog",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.40.00 and earlier"
            }
          ]
        },
        {
          "product": "Exasmoc",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R4.03.20 and earlier"
            }
          ]
        },
        {
          "product": "Exarqe",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R4.03.20 and earlier"
            }
          ]
        },
        {
          "product": "Field Wireless Device OPC Server",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R2.01.02 and earlier"
            }
          ]
        },
        {
          "product": "PRM",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.12.00 and earlier"
            }
          ]
        },
        {
          "product": "STARDOM VDS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R7.30.01 and earlier"
            }
          ]
        },
        {
          "product": "STARDOM OPC Server for Windows",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.40 and earlier"
            }
          ]
        },
        {
          "product": "FAST/TOOLS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R10.01 and earlier"
            }
          ]
        },
        {
          "product": "B/M9000CS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R5.05.01 and earlier"
            }
          ]
        },
        {
          "product": "B/M9000 VP",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R7.03.04 and earlier"
            }
          ]
        },
        {
          "product": "FieldMate",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R1.01"
            },
            {
              "status": "affected",
              "version": "R1.02"
            }
          ]
        }
      ],
      "datePublic": "2015-09-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (network-communications outage) via a crafted packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-05T18:46:05",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2015-5626",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "CENTUM CS 1000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.08.70 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM CS 3000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.09.50 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM CS 3000 Entry",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.09.50 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM VP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R5.04.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM VP Entry",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R5.04.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ProSafe-RS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.02.10 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaopc",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.72.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaquantum",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R2.85.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaquantum/Batch",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R2.50.30 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exapilot",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.96.10 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaplog",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.40.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exasmoc",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R4.03.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exarqe",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R4.03.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Field Wireless Device OPC Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R2.01.02 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "PRM",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.12.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "STARDOM VDS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R7.30.01 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "STARDOM OPC Server for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.40 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FAST/TOOLS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R10.01 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "B/M9000CS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R5.05.01 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "B/M9000 VP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R7.03.04 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FieldMate",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R1.01"
                          },
                          {
                            "version_value": "R1.02"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Yokogawa"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (network-communications outage) via a crafted packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
            },
            {
              "name": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2015-5626",
    "datePublished": "2020-02-05T18:46:05",
    "dateReserved": "2015-07-24T00:00:00",
    "dateUpdated": "2024-08-06T06:59:02.787Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-5627
Vulnerability from cvelistv5
Published
2020-02-05 18:45
Modified
2024-08-06 06:59
Severity ?
Summary
Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (process outage) via a crafted packet.
Impacted products
Vendor Product Version
Yokogawa CENTUM CS 3000 Version: R3.09.50 and earlier
Yokogawa CENTUM CS 3000 Entry Version: R3.09.50 and earlier
Yokogawa CENTUM VP Version: R5.04.20 and earlier
Yokogawa CENTUM VP Entry Version: R5.04.20 and earlier
Yokogawa ProSafe-RS Version: R3.02.10 and earlier
Yokogawa Exaopc Version: R3.72.00 and earlier
Yokogawa Exaquantum Version: R2.85.00 and earlier
Yokogawa Exaquantum/Batch Version: R2.50.30 and earlier
Yokogawa Exapilot Version: R3.96.10 and earlier
Yokogawa Exaplog Version: R3.40.00 and earlier
Yokogawa Exasmoc Version: R4.03.20 and earlier
Yokogawa Exarqe Version: R4.03.20 and earlier
Yokogawa Field Wireless Device OPC Server Version: R2.01.02 and earlier
Yokogawa PRM Version: R3.12.00 and earlier
Yokogawa STARDOM VDS Version: R7.30.01 and earlier
Yokogawa STARDOM OPC Server for Windows Version: R3.40 and earlier
Yokogawa FAST/TOOLS Version: R10.01 and earlier
Yokogawa B/M9000CS Version: R5.05.01 and earlier
Yokogawa B/M9000 VP Version: R7.03.04 and earlier
Yokogawa FieldMate Version: R1.01
Version: R1.02
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:59:02.714Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "CENTUM CS 1000",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.08.70 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM CS 3000",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.09.50 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM CS 3000 Entry",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.09.50 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM VP",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R5.04.20 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM VP Entry",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R5.04.20 and earlier"
            }
          ]
        },
        {
          "product": "ProSafe-RS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.02.10 and earlier"
            }
          ]
        },
        {
          "product": "Exaopc",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.72.00 and earlier"
            }
          ]
        },
        {
          "product": "Exaquantum",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R2.85.00 and earlier"
            }
          ]
        },
        {
          "product": "Exaquantum/Batch",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R2.50.30 and earlier"
            }
          ]
        },
        {
          "product": "Exapilot",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.96.10 and earlier"
            }
          ]
        },
        {
          "product": "Exaplog",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.40.00 and earlier"
            }
          ]
        },
        {
          "product": "Exasmoc",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R4.03.20 and earlier"
            }
          ]
        },
        {
          "product": "Exarqe",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R4.03.20 and earlier"
            }
          ]
        },
        {
          "product": "Field Wireless Device OPC Server",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R2.01.02 and earlier"
            }
          ]
        },
        {
          "product": "PRM",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.12.00 and earlier"
            }
          ]
        },
        {
          "product": "STARDOM VDS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R7.30.01 and earlier"
            }
          ]
        },
        {
          "product": "STARDOM OPC Server for Windows",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.40 and earlier"
            }
          ]
        },
        {
          "product": "FAST/TOOLS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R10.01 and earlier"
            }
          ]
        },
        {
          "product": "B/M9000CS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R5.05.01 and earlier"
            }
          ]
        },
        {
          "product": "B/M9000 VP",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R7.03.04 and earlier"
            }
          ]
        },
        {
          "product": "FieldMate",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R1.01"
            },
            {
              "status": "affected",
              "version": "R1.02"
            }
          ]
        }
      ],
      "datePublic": "2015-09-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (process outage) via a crafted packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-05T18:45:58",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2015-5627",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "CENTUM CS 1000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.08.70 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM CS 3000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.09.50 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM CS 3000 Entry",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.09.50 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM VP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R5.04.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM VP Entry",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R5.04.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ProSafe-RS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.02.10 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaopc",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.72.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaquantum",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R2.85.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaquantum/Batch",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R2.50.30 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exapilot",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.96.10 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaplog",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.40.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exasmoc",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R4.03.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exarqe",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R4.03.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Field Wireless Device OPC Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R2.01.02 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "PRM",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.12.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "STARDOM VDS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R7.30.01 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "STARDOM OPC Server for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.40 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FAST/TOOLS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R10.01 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "B/M9000CS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R5.05.01 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "B/M9000 VP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R7.03.04 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FieldMate",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R1.01"
                          },
                          {
                            "version_value": "R1.02"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Yokogawa"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (process outage) via a crafted packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
            },
            {
              "name": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2015-5627",
    "datePublished": "2020-02-05T18:45:58",
    "dateReserved": "2015-07-24T00:00:00",
    "dateUpdated": "2024-08-06T06:59:02.714Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-5628
Vulnerability from cvelistv5
Published
2020-02-05 18:46
Modified
2024-08-06 06:59
Severity ?
Summary
Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to execute arbitrary code via a crafted packet.
Impacted products
Vendor Product Version
Yokogawa CENTUM CS 3000 Version: R3.09.50 and earlier
Yokogawa CENTUM CS 3000 Entry Version: R3.09.50 and earlier
Yokogawa CENTUM VP Version: R5.04.20 and earlier
Yokogawa CENTUM VP Entry Version: R5.04.20 and earlier
Yokogawa ProSafe-RS Version: R3.02.10 and earlier
Yokogawa Exaopc Version: R3.72.00 and earlier
Yokogawa Exaquantum Version: R2.85.00 and earlier
Yokogawa Exaquantum/Batch Version: R2.50.30 and earlier
Yokogawa Exapilot Version: R3.96.10 and earlier
Yokogawa Exaplog Version: R3.40.00 and earlier
Yokogawa Exasmoc Version: R4.03.20 and earlier
Yokogawa Exarqe Version: R4.03.20 and earlier
Yokogawa Field Wireless Device OPC Server Version: R2.01.02 and earlier
Yokogawa PRM Version: R3.12.00 and earlier
Yokogawa STARDOM VDS Version: R7.30.01 and earlier
Yokogawa STARDOM OPC Server for Windows Version: R3.40 and earlier
Yokogawa FAST/TOOLS Version: R10.01 and earlier
Yokogawa B/M9000CS Version: R5.05.01 and earlier
Yokogawa B/M9000 VP Version: R7.03.04 and earlier
Yokogawa FieldMate Version: R1.01
Version: R1.02
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:59:02.677Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "CENTUM CS 1000",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.08.70 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM CS 3000",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.09.50 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM CS 3000 Entry",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.09.50 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM VP",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R5.04.20 and earlier"
            }
          ]
        },
        {
          "product": "CENTUM VP Entry",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R5.04.20 and earlier"
            }
          ]
        },
        {
          "product": "ProSafe-RS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.02.10 and earlier"
            }
          ]
        },
        {
          "product": "Exaopc",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.72.00 and earlier"
            }
          ]
        },
        {
          "product": "Exaquantum",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R2.85.00 and earlier"
            }
          ]
        },
        {
          "product": "Exaquantum/Batch",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R2.50.30 and earlier"
            }
          ]
        },
        {
          "product": "Exapilot",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.96.10 and earlier"
            }
          ]
        },
        {
          "product": "Exaplog",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.40.00 and earlier"
            }
          ]
        },
        {
          "product": "Exasmoc",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R4.03.20 and earlier"
            }
          ]
        },
        {
          "product": "Exarqe",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R4.03.20 and earlier"
            }
          ]
        },
        {
          "product": "Field Wireless Device OPC Server",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R2.01.02 and earlier"
            }
          ]
        },
        {
          "product": "PRM",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.12.00 and earlier"
            }
          ]
        },
        {
          "product": "STARDOM VDS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R7.30.01 and earlier"
            }
          ]
        },
        {
          "product": "STARDOM OPC Server for Windows",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R3.40 and earlier"
            }
          ]
        },
        {
          "product": "FAST/TOOLS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R10.01 and earlier"
            }
          ]
        },
        {
          "product": "B/M9000CS",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R5.05.01 and earlier"
            }
          ]
        },
        {
          "product": "B/M9000 VP",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R7.03.04 and earlier"
            }
          ]
        },
        {
          "product": "FieldMate",
          "vendor": "Yokogawa",
          "versions": [
            {
              "status": "affected",
              "version": "R1.01"
            },
            {
              "status": "affected",
              "version": "R1.02"
            }
          ]
        }
      ],
      "datePublic": "2015-09-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to execute arbitrary code via a crafted packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-05T18:46:01",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2015-5628",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "CENTUM CS 1000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.08.70 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM CS 3000",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.09.50 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM CS 3000 Entry",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.09.50 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM VP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R5.04.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "CENTUM VP Entry",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R5.04.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ProSafe-RS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.02.10 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaopc",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.72.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaquantum",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R2.85.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaquantum/Batch",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R2.50.30 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exapilot",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.96.10 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exaplog",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.40.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exasmoc",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R4.03.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Exarqe",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R4.03.20 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Field Wireless Device OPC Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R2.01.02 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "PRM",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.12.00 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "STARDOM VDS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R7.30.01 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "STARDOM OPC Server for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R3.40 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FAST/TOOLS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R10.01 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "B/M9000CS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R5.05.01 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "B/M9000 VP",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R7.03.04 and earlier"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "FieldMate",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "R1.01"
                          },
                          {
                            "version_value": "R1.02"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Yokogawa"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to execute arbitrary code via a crafted packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
            },
            {
              "name": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2015-5628",
    "datePublished": "2020-02-05T18:46:01",
    "dateReserved": "2015-07-24T00:00:00",
    "dateUpdated": "2024-08-06T06:59:02.677Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-16196
Vulnerability from cvelistv5
Published
2019-01-09 22:00
Modified
2024-08-05 10:17
Severity ?
Summary
Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:17:38.287Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "106442",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106442"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jvn.jp/vu/JVNVU93652047/index.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Multiple Yokogawa products that contain Vnet/IP Open Communication Driver",
          "vendor": "Yokogawa Electric Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "(CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90))"
            }
          ]
        }
      ],
      "datePublic": "2019-01-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver\u0027s communication via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial-of-service (DoS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-01-10T10:57:01",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "name": "106442",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106442"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jvn.jp/vu/JVNVU93652047/index.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2018-16196",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Multiple Yokogawa products that contain Vnet/IP Open Communication Driver",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "(CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90))"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Yokogawa Electric Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver\u0027s communication via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial-of-service (DoS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "106442",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106442"
            },
            {
              "name": "https://jvn.jp/vu/JVNVU93652047/index.html",
              "refsource": "MISC",
              "url": "https://jvn.jp/vu/JVNVU93652047/index.html"
            },
            {
              "name": "https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf",
              "refsource": "MISC",
              "url": "https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2018-16196",
    "datePublished": "2019-01-09T22:00:00",
    "dateReserved": "2018-08-30T00:00:00",
    "dateUpdated": "2024-08-05T10:17:38.287Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2019-02-13 18:29
Modified
2024-11-21 04:45
Severity ?
Summary
License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03)) allows remote attackers to bypass access restriction to send malicious files to the PC where License Manager Service runs via unspecified vectors.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:b\\/m_9000_vp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40DE2148-E80C-4330-8941-C5C319BF2D66",
              "versionEndIncluding": "r8.02.03",
              "versionStartIncluding": "r7.01.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37DF1AC0-705E-4B76-A522-667A37FA93F9",
              "versionEndIncluding": "r6.06.00",
              "versionStartIncluding": "r5.01.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:basic:*:*:*",
              "matchCriteriaId": "19A1E542-1DB2-455B-92D1-D057CDEA784C",
              "versionEndIncluding": "r6.06.00",
              "versionStartIncluding": "r5.01.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:small:*:*:*",
              "matchCriteriaId": "5307CC19-5AEC-4A03-B21B-8E51439C91F7",
              "versionEndIncluding": "r6.06.00",
              "versionStartIncluding": "r5.01.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:prm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "554ECF75-53E8-4C85-922A-D7F1D5843233",
              "versionEndIncluding": "r4.02.00",
              "versionStartIncluding": "r4.01.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:prosafe-rs:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "499181E3-6277-4FEC-BD6F-192DD88BA5FC",
              "versionEndIncluding": "r4.04.00",
              "versionStartIncluding": "r3.01.00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03)) allows remote attackers to bypass access restriction to send malicious files to the PC where License Manager Service runs via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "El servicio de gesti\u00f3n de licencias de los productos YOKOGAWA (CENTUM VP R5.01.00 - R6.06.00; CENTUM VP Entry Class R5.01.00 - R6.06.00; ProSafe-RS R3.01.00 - R4.04.00; PRM R4.01.00 - R4.02.00 y B/M9000 VP R7.01.01 - R8.02.03) permite que los atacantes remotos omitan las restricciones de acceso para enviar archivos maliciosos al PC en el que se ejecuta dicho servicio mediante vectores sin especificar."
    }
  ],
  "id": "CVE-2019-5909",
  "lastModified": "2024-11-21T04:45:43.697",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-02-13T18:29:00.747",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://jvn.jp/vu/JVNVU99147082/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106772"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://web-material3.yokogawa.com/1/20653/files/YSAR-19-0001-E.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://jvn.jp/vu/JVNVU99147082/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106772"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://web-material3.yokogawa.com/1/20653/files/YSAR-19-0001-E.pdf"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-02-05 19:15
Modified
2024-11-21 02:33
Severity ?
Summary
Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to execute arbitrary code via a crafted packet.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_cs_1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C1B8CF6-8FC2-4E3A-AB76-73E987726C0E",
              "versionEndIncluding": "r3.08.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_cs_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7E67CC9-AE79-4CEC-8B35-C191EB32760C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48B0B579-F479-488F-8E62-DA698E2DA33F",
              "versionEndIncluding": "r3.09.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF123F6-D4A3-49B3-B8BC-14AA63E3A46A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_entry_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "111B964C-8A95-4751-829C-A5EEB0801D0A",
              "versionEndIncluding": "r3.09.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_cs_3000_entry:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67BFCAD6-7540-4279-92C5-9ADAB35CD4A7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CACAE33-FBCD-4C71-80F4-A0533846C41E",
              "versionEndIncluding": "r5.04.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "161A4767-228C-4681-9D20-81D9380CE48A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6BA4DF1-5E0C-4E6D-9EF3-71A0CD57DB09",
              "versionEndIncluding": "r5.04.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E37ECBA-48F6-456A-AE49-83347A91208B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:prosafe-rs_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA1C8F8A-D82A-483E-958F-C210D6B152B7",
              "versionEndIncluding": "r3.02.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:prosafe-rs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AC20D0-9D4F-42BF-B308-03343603CC3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "036843EA-6A69-411E-B0F5-FFA710E7C1AD",
              "versionEndIncluding": "r3.72.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exapilot:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37D42D7A-D6E5-445F-B82B-E891DB489BC0",
              "versionEndIncluding": "r3.96.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exaplog:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B26B69-6D27-4123-8B98-A64F649488AF",
              "versionEndIncluding": "r3.40.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exaquantum:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "567F1E51-190B-4C7E-AB51-9E78D028C4C1",
              "versionEndIncluding": "r2.85.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exaquantum\\/batch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F434B396-76F3-43A0-BD20-8D43E78279DC",
              "versionEndIncluding": "r2.50.30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exarqe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99EEE22E-7C6E-4B0C-92CC-542BE80CEA5E",
              "versionEndIncluding": "r4.03.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exasmoc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AFC7E5E-37A1-43B3-9276-F37B7B8708B7",
              "versionEndIncluding": "r4.03.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:field_wireless_device_opc_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5C6FDC-2AB5-461D-AB7B-FAD56A5BFD05",
              "versionEndIncluding": "r2.01.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:field_wireless_device_opc_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29DE5CB8-1677-40D3-B0F9-F2783F264715",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:plant_resource_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D3A931F-E772-43FB-A771-76979044326F",
              "versionEndIncluding": "r3.12.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:scada_software_\\(fast\\/tools\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0899439-BF70-4511-87CA-98AC62EBF40D",
              "versionEndIncluding": "r10.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:versatile_data_server_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F29F7E5-54B9-4738-B8E5-B0E618C907BA",
              "versionEndIncluding": "r7.30.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:b\\/m9000cs_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "26466967-050B-4875-B2CD-BB918E33A7DC",
              "versionEndIncluding": "r5.05.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:b\\/m9000cs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6C0600F-87E0-4CE5-ACB9-49F160DB3D33",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:b\\/m9000_vp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63546CAB-2A76-4974-8B11-9893B7EC01E8",
              "versionEndIncluding": "r7.03.04",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:b\\/m9000_vp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59BD08BA-2C44-4BD0-BAA1-AC9D304E2DAF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:fieldmate:r1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD722C9-63AD-4A71-8916-0B27956420C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:fieldmate:r1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB2F7A7-847B-4C3E-B128-CAC09BF828CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:stardom_opc_server:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "849A4355-8BF5-41E8-92B6-FCF28DFA2692",
              "versionEndIncluding": "r3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:stardom_opc_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EE5D11B-6877-4390-B9F6-6610761DB902",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to execute arbitrary code via a crafted packet."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria en Yokogawa CENTUM CS 1000 versiones R3.08.70 y anteriores, CENTUM CS 3000 versiones R3.09.50 y anteriores, CENTUM CS 3000 Entry versiones R3.09.50 y anteriores, CENTUM VP versiones R5.04.20 y anteriores, CENTUM VP Entry versiones R5.04.20 y anteriores, ProSafe-RS versiones R3.02.10 y anteriores, Exaopc versiones R3.72.00 y anteriores, Exaquantum versiones R2.85.00 y anteriores, Exaquantum/Batch versiones R2.50.30 y anteriores, Exapilot versiones R3.96.10 y anteriores, Exaplog versiones R3.40.00 y anteriores, Exasmoc versiones R4.03.20 y anteriores, Exarqe versiones R4.03.20 y anteriores, Field Wireless Device OPC Server versiones R2.01.02 y anteriores, PRM versiones R3.12.00 y anteriores, STARDOM VDS versiones R7.30.01 y anteriores, STARDOM OPC Server for Windows versiones R3.40 y anteriores, FAST/TOOLS versiones R10.01 y anteriores, B/M9000CS versiones R5.05.01 y anteriores, B/M9000 VP versiones R7.03.04 y anteriores, y FieldMate versiones R1.01 o R1.02, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un paquete dise\u00f1ado."
    }
  ],
  "id": "CVE-2015-5628",
  "lastModified": "2024-11-21T02:33:27.677",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-05T19:15:10.397",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-02-05 19:15
Modified
2024-11-21 02:33
Severity ?
Summary
Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (network-communications outage) via a crafted packet.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_cs_1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C1B8CF6-8FC2-4E3A-AB76-73E987726C0E",
              "versionEndIncluding": "r3.08.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_cs_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7E67CC9-AE79-4CEC-8B35-C191EB32760C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48B0B579-F479-488F-8E62-DA698E2DA33F",
              "versionEndIncluding": "r3.09.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF123F6-D4A3-49B3-B8BC-14AA63E3A46A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_entry_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "111B964C-8A95-4751-829C-A5EEB0801D0A",
              "versionEndIncluding": "r3.09.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_cs_3000_entry:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67BFCAD6-7540-4279-92C5-9ADAB35CD4A7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CACAE33-FBCD-4C71-80F4-A0533846C41E",
              "versionEndIncluding": "r5.04.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "161A4767-228C-4681-9D20-81D9380CE48A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6BA4DF1-5E0C-4E6D-9EF3-71A0CD57DB09",
              "versionEndIncluding": "r5.04.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E37ECBA-48F6-456A-AE49-83347A91208B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:prosafe-rs_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA1C8F8A-D82A-483E-958F-C210D6B152B7",
              "versionEndIncluding": "r3.02.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:prosafe-rs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AC20D0-9D4F-42BF-B308-03343603CC3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "036843EA-6A69-411E-B0F5-FFA710E7C1AD",
              "versionEndIncluding": "r3.72.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exapilot:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37D42D7A-D6E5-445F-B82B-E891DB489BC0",
              "versionEndIncluding": "r3.96.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exaplog:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B26B69-6D27-4123-8B98-A64F649488AF",
              "versionEndIncluding": "r3.40.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exaquantum:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "567F1E51-190B-4C7E-AB51-9E78D028C4C1",
              "versionEndIncluding": "r2.85.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exaquantum\\/batch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F434B396-76F3-43A0-BD20-8D43E78279DC",
              "versionEndIncluding": "r2.50.30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exarqe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99EEE22E-7C6E-4B0C-92CC-542BE80CEA5E",
              "versionEndIncluding": "r4.03.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exasmoc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AFC7E5E-37A1-43B3-9276-F37B7B8708B7",
              "versionEndIncluding": "r4.03.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:field_wireless_device_opc_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5C6FDC-2AB5-461D-AB7B-FAD56A5BFD05",
              "versionEndIncluding": "r2.01.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:field_wireless_device_opc_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29DE5CB8-1677-40D3-B0F9-F2783F264715",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:plant_resource_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D3A931F-E772-43FB-A771-76979044326F",
              "versionEndIncluding": "r3.12.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:scada_software_\\(fast\\/tools\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0899439-BF70-4511-87CA-98AC62EBF40D",
              "versionEndIncluding": "r10.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:versatile_data_server_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F29F7E5-54B9-4738-B8E5-B0E618C907BA",
              "versionEndIncluding": "r7.30.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:b\\/m9000cs_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "26466967-050B-4875-B2CD-BB918E33A7DC",
              "versionEndIncluding": "r5.05.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:b\\/m9000cs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6C0600F-87E0-4CE5-ACB9-49F160DB3D33",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:b\\/m9000_vp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63546CAB-2A76-4974-8B11-9893B7EC01E8",
              "versionEndIncluding": "r7.03.04",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:b\\/m9000_vp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59BD08BA-2C44-4BD0-BAA1-AC9D304E2DAF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:fieldmate:r1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD722C9-63AD-4A71-8916-0B27956420C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:fieldmate:r1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB2F7A7-847B-4C3E-B128-CAC09BF828CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:stardom_opc_server:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "849A4355-8BF5-41E8-92B6-FCF28DFA2692",
              "versionEndIncluding": "r3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:stardom_opc_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EE5D11B-6877-4390-B9F6-6610761DB902",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (network-communications outage) via a crafted packet."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria en Yokogawa CENTUM CS 1000 versiones R3.08.70 y anteriores, CENTUM CS 3000 versiones R3.09.50 y anteriores, CENTUM CS 3000 Entry versiones R3.09.50 y anteriores, CENTUM VP versiones R5.04.20 y anteriores, CENTUM VP Entry versiones R5.04.20 y anteriores, ProSafe-RS versiones R3.02.10 y anteriores, Exaopc versiones R3.72.00 y anteriores, Exaquantum versiones R2.85.00 y anteriores, Exaquantum/Batch versiones R2.50.30 y anteriores, Exapilot versiones R3.96.10 y anteriores, Exaplog versiones R3.40.00 y anteriores, Exasmoc versiones R4.03.20 y anteriores, Exarqe versiones R4.03.20 y anteriores, Field Wireless Device OPC Server versiones R2.01.02 y anteriores, PRM versiones R3.12.00 y anteriores, STARDOM VDS versiones R7.30.01 y anteriores, STARDOM OPC Server for Windows versiones R3.40 y anteriores, FAST/TOOLS versiones R10.01 y anteriores, B/M9000CS versiones R5.05.01 y anteriores, B/M9000 VP versiones R7.03.04 y anteriores, y FieldMate versiones R1.01 o R1.02, permite a atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n de comunicaciones de red) por medio de un paquete dise\u00f1ado."
    }
  ],
  "id": "CVE-2015-5626",
  "lastModified": "2024-11-21T02:33:26.700",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-05T19:15:10.240",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-01-09 23:29
Modified
2024-11-21 03:52
Summary
Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3EBF753-16FD-40D3-8EED-D72C32883883",
              "versionEndIncluding": "r3.09.50",
              "versionStartIncluding": "r3.05.00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF123F6-D4A3-49B3-B8BC-14AA63E3A46A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000_entry_class:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B46C20CD-6CA3-4233-BBFF-66E7987C2150",
              "versionEndIncluding": "r3.09.50",
              "versionStartIncluding": "r3.05.00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1045034-D824-4CC1-9326-EEBA3FB34AAA",
              "versionEndIncluding": "r6.03.10",
              "versionStartIncluding": "r4.01.00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "161A4767-228C-4681-9D20-81D9380CE48A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:centum_vp_entry_class:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A0FF6A1-E352-4EC5-B34B-2C5276B970C9",
              "versionEndIncluding": "r6.03.10",
              "versionStartIncluding": "r4.01.00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:b\\/m9000_vp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F81F5B-CDB6-4FF2-80CB-D1CA0ABF2C24",
              "versionEndIncluding": "r8.01.90",
              "versionStartIncluding": "r6.03.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFDEE53D-6CF1-4DAF-95DE-BE832CC2A9A0",
              "versionEndIncluding": "r3.75.00",
              "versionStartIncluding": "r3.10.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:fast\\/tools:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B22E279-3BFE-4F58-A639-7761559A1365",
              "versionEndIncluding": "r10.02.00",
              "versionStartIncluding": "r9.02.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:plant_resource_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67C8BD51-4D87-4BDF-AF28-68B327392BEE",
              "versionEndIncluding": "r3.31.00",
              "versionStartIncluding": "r2.06.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:prosafe-rs:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96B459FD-0656-4E3F-A669-F5D07F60949C",
              "versionEndIncluding": "r4.02.00",
              "versionStartIncluding": "r1.02.00",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver\u0027s communication via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos Yokogawa que contienen el controlador Vnet/IP Open Communication (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00) y B/M9000 VP(R6.03.01 - R8.01.90)) permiten que atacantes remotos provoquen una denegaci\u00f3n de servicio (DoS) que podr\u00eda resultar en la detenci\u00f3n de la comunicaci\u00f3n del controlador Vnet/IP Open Communication mediante vectores sin especificar."
    }
  ],
  "id": "CVE-2018-16196",
  "lastModified": "2024-11-21T03:52:16.253",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-01-09T23:29:04.560",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106442"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://jvn.jp/vu/JVNVU93652047/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://jvn.jp/vu/JVNVU93652047/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-02-05 19:15
Modified
2024-11-21 02:33
Severity ?
Summary
Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (process outage) via a crafted packet.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_cs_1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C1B8CF6-8FC2-4E3A-AB76-73E987726C0E",
              "versionEndIncluding": "r3.08.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_cs_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7E67CC9-AE79-4CEC-8B35-C191EB32760C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48B0B579-F479-488F-8E62-DA698E2DA33F",
              "versionEndIncluding": "r3.09.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF123F6-D4A3-49B3-B8BC-14AA63E3A46A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_cs_3000_entry_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "111B964C-8A95-4751-829C-A5EEB0801D0A",
              "versionEndIncluding": "r3.09.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_cs_3000_entry:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67BFCAD6-7540-4279-92C5-9ADAB35CD4A7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CACAE33-FBCD-4C71-80F4-A0533846C41E",
              "versionEndIncluding": "r5.04.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "161A4767-228C-4681-9D20-81D9380CE48A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6BA4DF1-5E0C-4E6D-9EF3-71A0CD57DB09",
              "versionEndIncluding": "r5.04.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E37ECBA-48F6-456A-AE49-83347A91208B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:prosafe-rs_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA1C8F8A-D82A-483E-958F-C210D6B152B7",
              "versionEndIncluding": "r3.02.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:prosafe-rs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16AC20D0-9D4F-42BF-B308-03343603CC3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "036843EA-6A69-411E-B0F5-FFA710E7C1AD",
              "versionEndIncluding": "r3.72.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exapilot:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37D42D7A-D6E5-445F-B82B-E891DB489BC0",
              "versionEndIncluding": "r3.96.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exaplog:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B26B69-6D27-4123-8B98-A64F649488AF",
              "versionEndIncluding": "r3.40.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exaquantum:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "567F1E51-190B-4C7E-AB51-9E78D028C4C1",
              "versionEndIncluding": "r2.85.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exaquantum\\/batch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F434B396-76F3-43A0-BD20-8D43E78279DC",
              "versionEndIncluding": "r2.50.30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exarqe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99EEE22E-7C6E-4B0C-92CC-542BE80CEA5E",
              "versionEndIncluding": "r4.03.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:exasmoc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AFC7E5E-37A1-43B3-9276-F37B7B8708B7",
              "versionEndIncluding": "r4.03.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:field_wireless_device_opc_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5C6FDC-2AB5-461D-AB7B-FAD56A5BFD05",
              "versionEndIncluding": "r2.01.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:field_wireless_device_opc_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29DE5CB8-1677-40D3-B0F9-F2783F264715",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:plant_resource_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D3A931F-E772-43FB-A771-76979044326F",
              "versionEndIncluding": "r3.12.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:scada_software_\\(fast\\/tools\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0899439-BF70-4511-87CA-98AC62EBF40D",
              "versionEndIncluding": "r10.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:versatile_data_server_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F29F7E5-54B9-4738-B8E5-B0E618C907BA",
              "versionEndIncluding": "r7.30.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:b\\/m9000cs_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "26466967-050B-4875-B2CD-BB918E33A7DC",
              "versionEndIncluding": "r5.05.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:b\\/m9000cs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6C0600F-87E0-4CE5-ACB9-49F160DB3D33",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:b\\/m9000_vp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63546CAB-2A76-4974-8B11-9893B7EC01E8",
              "versionEndIncluding": "r7.03.04",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:b\\/m9000_vp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59BD08BA-2C44-4BD0-BAA1-AC9D304E2DAF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yokogawa:fieldmate:r1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD722C9-63AD-4A71-8916-0B27956420C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yokogawa:fieldmate:r1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB2F7A7-847B-4C3E-B128-CAC09BF828CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yokogawa:stardom_opc_server:*:*:*:*:*:windows:*:*",
              "matchCriteriaId": "849A4355-8BF5-41E8-92B6-FCF28DFA2692",
              "versionEndIncluding": "r3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yokogawa:stardom_opc_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EE5D11B-6877-4390-B9F6-6610761DB902",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (process outage) via a crafted packet."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria en Yokogawa CENTUM CS 1000 versiones R3.08.70 y anteriores, CENTUM CS 3000 versiones R3.09.50 y anteriores, CENTUM CS 3000 Entry versiones R3.09.50 y anteriores, CENTUM VP versiones R5.04.20 y anteriores, CENTUM VP Entry versiones R5.04.20 y anteriores, ProSafe-RS versiones R3.02.10 y anteriores, Exaopc versiones R3.72.00 y anteriores, Exaquantum versiones R2.85.00 y anteriores, Exaquantum/Batch versiones R2.50.30 y anteriores, Exapilot versiones R3.96.10 y anteriores, Exaplog versiones R3.40.00 y anteriores, Exasmoc versiones R4.03.20 y anteriores, Exarqe versiones R4.03.20 y anteriores, Field Wireless Device OPC Server versiones R2.01.02 y anteriores, PRM versiones R3.12.00 y anteriores, STARDOM VDS versiones R7.30.01 y anteriores, STARDOM OPC Server for Windows versiones R3.40 y anteriores, FAST/TOOLS versiones R10.01 y anteriores, B/M9000CS versiones R5.05.01 y anteriores, B/M9000 VP versiones R7.03.04 y anteriores, y FieldMate versiones R1.01 o R1.02, permite a atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n del proceso) por medio de un paquete dise\u00f1ado."
    }
  ],
  "id": "CVE-2015-5627",
  "lastModified": "2024-11-21T02:33:26.893",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-05T19:15:10.350",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-202002-0866
Vulnerability from variot

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (process outage) via a crafted packet. Provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product's communication capabilities. Integrated production control system provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product's communication capabilities. * * Vulnerability that stops communication functions by receiving specially crafted packets (CVE-2015-5626) * * Vulnerability that could cause a process to stop by receiving a specially crafted packet (CVE-2015-5627) * * Vulnerability that allows arbitrary code to be executed by receiving specially crafted packets (CVE-2015-5628) For details, please check the information provided by the product developer.By receiving a specially crafted communication frame, the communication function and the process that has the communication function may be stopped, or arbitrary code may be executed with the authority of the system that executes the process. According to product developers, this vulnerability could be exploited if the network of the entire system is properly managed, such as the network to which the affected product is connected is blocked from other networks. It is said that it is low. Yokogawa Japan Yokogawa Electric Corporation is a leader in measurement, industrial automation control, and information systems. A stack buffer overflow vulnerability exists in multiple Yokogawa products. The attacker sends a constructed packet to exploit the vulnerability to cause network communication to become unresponsive. Successful exploits may allow an attacker to execute arbitrary code or to cause a denial-of-service condition. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Yokogawa CENTUM CS, etc. are all products of Japan's Yokogawa Electric (Yokogawa) company. Yokogawa CENTUM CS and CENTUM VP are large-scale production control systems. Exaopc is an OPC data access server

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202002-0866",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "prosafe-rs",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.02.10"
      },
      {
        "model": "exaplog",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.40.00"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r5.04.20"
      },
      {
        "model": "field wireless device opc server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r2.01.02"
      },
      {
        "model": "exaquantum",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r2.85.00"
      },
      {
        "model": "b\\/m9000 vp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r7.03.04"
      },
      {
        "model": "stardom opc server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.40"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.09.50"
      },
      {
        "model": "centum vp entry",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r5.04.20"
      },
      {
        "model": "exapilot",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.96.10"
      },
      {
        "model": "fieldmate",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r1.02"
      },
      {
        "model": "exaopc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.72.00"
      },
      {
        "model": "centum cs 3000 entry",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.09.50"
      },
      {
        "model": "exarqe",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.03.20"
      },
      {
        "model": "plant resource manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.12.00"
      },
      {
        "model": "exasmoc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.03.20"
      },
      {
        "model": "exaquantum\\/batch",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r2.50.30"
      },
      {
        "model": "centum cs 1000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.08.70"
      },
      {
        "model": "versatile data server software",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r7.30.01"
      },
      {
        "model": "b\\/m9000cs",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r5.05.01"
      },
      {
        "model": "fieldmate",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r1.01"
      },
      {
        "model": "scada software \\",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r10.01"
      },
      {
        "model": "exaopc \u003c=r3.72.00",
        "scope": null,
        "trust": 0.8,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum cs",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "yokogawa",
        "version": "1000"
      },
      {
        "model": "b/m9000 vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r7.03.04  )"
      },
      {
        "model": "b/m9000cs",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r5.05.01  )"
      },
      {
        "model": "centum cs 1000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.08.70  )"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.09.50  )"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "small (r3.09.50  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r5.04.20  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "basic (r5.04.20  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "small (r5.04.20  )"
      },
      {
        "model": "exaopc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.72.00  )"
      },
      {
        "model": "exapilot",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.96.10  )"
      },
      {
        "model": "exaplog",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.40.00  )"
      },
      {
        "model": "exaquantum",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r2.85.00  )"
      },
      {
        "model": "exaquantum",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "/batch (r2.50.30  )"
      },
      {
        "model": "exarqe",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r4.03.20  )"
      },
      {
        "model": "exasmoc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r4.03.20  )"
      },
      {
        "model": "fast/tools",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r10.01  )"
      },
      {
        "model": "fieldmate",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r1.01 and r1.02)"
      },
      {
        "model": "prm",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.12.00  )"
      },
      {
        "model": "prosafe-rs",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.02.10  )"
      },
      {
        "model": "stardom",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "opc server for windows (r3.40  )"
      },
      {
        "model": "stardom",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "vds (r7.30.01  )"
      },
      {
        "model": "for field wireless opc server",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r2.01.02  )"
      },
      {
        "model": "centum centum vp entry",
        "scope": null,
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum vp",
        "scope": null,
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum cs entry",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum centum cs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "stardom vds r7.30.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "stardom opc server for windows r3.40",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r3.02.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r2.03.80",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r1.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r3.12.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r3.11.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fieldmate r1.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fieldmate r1.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "field wireless device opc server r2.01.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "field wireless device opc server r2.01.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.05-sp2",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.05",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.04",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r10.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exasmoc r4.03.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exarqe r4.03.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum/batch r2.50.30",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum/batch r2.50.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.85.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.80.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.50.30",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.02.50",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaplog r3.40.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exapilot r3.96.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exapilot r3.96.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.72.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.72.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.71.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3.72.00"
      },
      {
        "model": "exaopc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3.71.02"
      },
      {
        "model": "centum vp entry r5.04.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.04.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.04.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r4.03.56",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r4.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum cs entry r3.09.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.09.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.09",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08.70",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.07",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.06",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.05",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.04",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.03",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.02",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.01",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08.70",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "1000"
      },
      {
        "model": "b/m9000cs r5.05.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r7.03.04",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r7.03.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum vp entry",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "*"
      },
      {
        "model": "centum centum vp",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "*"
      },
      {
        "model": "centum centum cs entry",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "3000*"
      },
      {
        "model": "centum centum cs",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "3000*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81266b0e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05996"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5627"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_cs_1000_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.08.70",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_1000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.09.50",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_cs_3000_entry_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.09.50",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000_entry:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r5.04.20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r5.04.20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:prosafe-rs_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.02.10",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:prosafe-rs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.72.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exapilot:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.96.10",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaplog:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.40.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaquantum:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r2.85.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaquantum\\/batch:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r2.50.30",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exarqe:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r4.03.20",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exasmoc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r4.03.20",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:field_wireless_device_opc_server:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r2.01.02",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:field_wireless_device_opc_server:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:plant_resource_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.12.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:scada_software_\\(fast\\/tools\\):*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r10.01",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:versatile_data_server_software:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r7.30.01",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:b\\/m9000cs_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r5.05.01",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:b\\/m9000cs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:b\\/m9000_vp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r7.03.04",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:b\\/m9000_vp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:fieldmate:r1.01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:fieldmate:r1.02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:stardom_opc_server:*:*:*:*:*:windows:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.40",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:stardom_opc_server:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-5627"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "76709"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-5627",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "JVNDB-2015-004852",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2015-05996",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "81266b0e-2351-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-83588",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-5627",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-5627",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2015-004852",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-05996",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201509-478",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "81266b0e-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-83588",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2015-5627",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81266b0e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05996"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83588"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5627"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5627"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-478"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (process outage) via a crafted packet. Provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product\u0027s communication capabilities. Integrated production control system provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product\u0027s communication capabilities. * * Vulnerability that stops communication functions by receiving specially crafted packets (CVE-2015-5626) * * Vulnerability that could cause a process to stop by receiving a specially crafted packet (CVE-2015-5627) * * Vulnerability that allows arbitrary code to be executed by receiving specially crafted packets (CVE-2015-5628) For details, please check the information provided by the product developer.By receiving a specially crafted communication frame, the communication function and the process that has the communication function may be stopped, or arbitrary code may be executed with the authority of the system that executes the process. According to product developers, this vulnerability could be exploited if the network of the entire system is properly managed, such as the network to which the affected product is connected is blocked from other networks. It is said that it is low. Yokogawa Japan Yokogawa Electric Corporation is a leader in measurement, industrial automation control, and information systems. A stack buffer overflow vulnerability exists in multiple Yokogawa products. The attacker sends a constructed packet to exploit the vulnerability to cause network communication to become unresponsive. \nSuccessful exploits may allow an attacker to execute arbitrary code or to cause a  denial-of-service condition. **  ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Yokogawa CENTUM CS, etc. are all products of Japan\u0027s Yokogawa Electric (Yokogawa) company. Yokogawa CENTUM CS and CENTUM VP are large-scale production control systems. Exaopc is an OPC data access server",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-5627"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05996"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "IVD",
        "id": "81266b0e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83588"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5627"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-5627",
        "trust": 3.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-15-253-01",
        "trust": 3.5
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05996",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-478",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU92677348",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852",
        "trust": 0.8
      },
      {
        "db": "BID",
        "id": "76709",
        "trust": 0.4
      },
      {
        "db": "IVD",
        "id": "81266B0E-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-83588",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5627",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81266b0e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05996"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83588"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5627"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5627"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-478"
      }
    ]
  },
  "id": "VAR-202002-0866",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "81266b0e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05996"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83588"
      }
    ],
    "trust": 1.3960373416666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81266b0e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05996"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:35:45.324000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "\u6a2a\u6cb3\u96fb\u6a5f\u682a\u5f0f\u4f1a\u793e \u306e\u544a\u77e5\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://www.yokogawa.co.jp/dcs/security/ysar/dcs-ysar-index-ja.htm"
      },
      {
        "title": "Patch for Yokogawa Multiple Product Stack Buffer Overflow Vulnerability (CNVD-2015-05996)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/63994"
      },
      {
        "title": "Multiple Yokogawa Product Buffer Error Vulnerability Fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=108066"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-05996"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-478"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-83588"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5627"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-15-253-01"
      },
      {
        "trust": 2.1,
        "url": "http://www.yokogawa.com/dcs/security/ysar/ysar-15-0003e.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5626"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5627"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5628"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu92677348/index.html"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5627"
      },
      {
        "trust": 0.3,
        "url": "http://www.yokogawa.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/787.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.securityfocus.com/bid/76709"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-05996"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83588"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5627"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5627"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-478"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "81266b0e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05996"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83588"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5627"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5627"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-478"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-09-16T00:00:00",
        "db": "IVD",
        "id": "81266b0e-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2015-09-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-05996"
      },
      {
        "date": "2020-02-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-83588"
      },
      {
        "date": "2020-02-05T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-5627"
      },
      {
        "date": "2015-09-10T00:00:00",
        "db": "BID",
        "id": "76709"
      },
      {
        "date": "2015-09-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "date": "2020-02-05T19:15:10.350000",
        "db": "NVD",
        "id": "CVE-2015-5627"
      },
      {
        "date": "2015-09-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201509-478"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-09-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-05996"
      },
      {
        "date": "2020-02-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-83588"
      },
      {
        "date": "2020-02-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-5627"
      },
      {
        "date": "2015-09-10T00:00:00",
        "db": "BID",
        "id": "76709"
      },
      {
        "date": "2015-09-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "date": "2020-02-12T20:21:12.310000",
        "db": "NVD",
        "id": "CVE-2015-5627"
      },
      {
        "date": "2020-05-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201509-478"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-478"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CENTUM Including multiple  YOKOGAWA Multiple vulnerabilities in product communication functions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-478"
      }
    ],
    "trust": 0.6
  }
}

var-201902-0199
Vulnerability from variot

Insufficient access restrictions for license manager services for multiple Yokogawa products (CWE-302) Vulnerabilities exist. This vulnerability information is provided by developers for the purpose of disseminating to product users. JPCERT/CC To report to JPCERT/CC By developers and the United States ICS-CERT And adjusted.License manager service operated by a remote third party PC , Any file may be created or overwritten in any location with the system authority to execute the service. Multiple Yokogawa Products are prone to an arbitrary file-upload vulnerability. An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. The following Yokogawa products are vulnerable: CENTUM VP R5.01.00 through R6.06.00 CENTUM VP Entry Class R5.01.00 through R6.06.00 ProSafe-RS R3.01.00 through R4.04.00 PRM R4.01.00 through R4.02.00 B/M9000 VP R7.01.01 through R8.02.03. are all products of Japan's Yokogawa Electric (Yokogawa). ProSafe-RS is a safety instrumented system. License Manager Service is a license management service used in it. A security vulnerability exists in several Yokogawa products due to the program not properly restricting the upload of malicious files

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201902-0199",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "centum vp",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r5.01.00"
      },
      {
        "model": "prm",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.02.00"
      },
      {
        "model": "prosafe-rs",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.04.00"
      },
      {
        "model": "prosafe-rs",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.01.00"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r6.06.00"
      },
      {
        "model": "b\\/m 9000 vp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r8.02.03"
      },
      {
        "model": "b\\/m 9000 vp",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r7.01.01"
      },
      {
        "model": "prm",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.01.00"
      },
      {
        "model": "b/m9000 vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r7.01.01 from  r8.02.03  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r5.01.00 from  r6.06.00  )"
      },
      {
        "model": "centum vp basic",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r5.01.00 from  r6.06.00  )"
      },
      {
        "model": "centum vp small",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r5.01.00 from  r6.06.00  )"
      },
      {
        "model": "prm",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r4.01.00 from  r4.02.00  )"
      },
      {
        "model": "prosafe-rs",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.01.00 from  r4.04.00  )"
      },
      {
        "model": "prosafe-rs r4.04.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r4.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r4.02.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r3.02.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r3.01.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r4.02.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r4.01.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r6.06.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r6.04.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r6.03.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r5.04.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r5.03.51",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r5.03.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r5.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r5.01.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r6.06.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r6.04.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r6.03.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.04.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.04.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.01.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r8.02.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r8.01.90",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r8.01.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r7.03.04",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r7.03.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r7.01.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r4.04.01",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r3.02.38",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r4.02.01",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r6.06.03",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r5.04.c5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r6.06.03",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.04.c5",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "106772"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001193"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-5909"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r6.06.00",
                "versionStartIncluding": "r5.01.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:prosafe-rs:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r4.04.00",
                "versionStartIncluding": "r3.01.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:small:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r6.06.00",
                "versionStartIncluding": "r5.01.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:basic:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r6.06.00",
                "versionStartIncluding": "r5.01.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:b\\/m_9000_vp:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r8.02.03",
                "versionStartIncluding": "r7.01.01",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:prm:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r4.02.00",
                "versionStartIncluding": "r4.01.00",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-5909"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Kaspersky Lab,Segey Temnikov",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-972"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-5909",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "High",
            "accessVector": "Network",
            "authentication": "None",
            "author": "JPCERT/CC",
            "availabilityImpact": "Complete",
            "baseScore": 7.6,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "JVNDB-2019-001193",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-157344",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2019-5909",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "JPCERT/CC",
            "availabilityImpact": "High",
            "baseScore": 8.1,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2019-001193",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-5909",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "JPCERT/CC",
            "id": "JVNDB-2019-001193",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201901-972",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-157344",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-5909",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-157344"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-5909"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001193"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-5909"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-972"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Insufficient access restrictions for license manager services for multiple Yokogawa products (CWE-302) Vulnerabilities exist. This vulnerability information is provided by developers for the purpose of disseminating to product users. JPCERT/CC To report to JPCERT/CC By developers and the United States ICS-CERT And adjusted.License manager service operated by a remote third party PC , Any file may be created or overwritten in any location with the system authority to execute the service. Multiple Yokogawa Products  are prone to an arbitrary file-upload vulnerability. \nAn attacker may leverage this issue to upload arbitrary files to the  affected computer; this can result in arbitrary code execution within  the context of the vulnerable application. \nThe following Yokogawa products are vulnerable:\nCENTUM VP R5.01.00 through R6.06.00\nCENTUM VP Entry Class R5.01.00 through  R6.06.00\nProSafe-RS R3.01.00 through  R4.04.00\nPRM R4.01.00 through  R4.02.00\nB/M9000 VP R7.01.01 through  R8.02.03. are all products of Japan\u0027s Yokogawa Electric (Yokogawa). ProSafe-RS is a safety instrumented system. License Manager Service is a license management service used in it. A security vulnerability exists in several Yokogawa products due to the program not properly restricting the upload of malicious files",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001193"
      },
      {
        "db": "BID",
        "id": "106772"
      },
      {
        "db": "VULHUB",
        "id": "VHN-157344"
      }
    ],
    "trust": 1.08
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-5909",
        "trust": 2.9
      },
      {
        "db": "JVN",
        "id": "JVNVU99147082",
        "trust": 2.6
      },
      {
        "db": "BID",
        "id": "106772",
        "trust": 2.1
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-029-01",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001193",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-972",
        "trust": 0.7
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-98807",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-157344",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-5909",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-157344"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-5909"
      },
      {
        "db": "BID",
        "id": "106772"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001193"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-5909"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-972"
      }
    ]
  },
  "id": "VAR-201902-0199",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-157344"
      }
    ],
    "trust": 0.3410628
  },
  "last_update_date": "2023-12-18T13:52:25.139000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "YSAR-19-0001: \u6a2a\u6cb3\u88fd\u54c1\u306e\u30e9\u30a4\u30bb\u30f3\u30b9\u30de\u30cd\u30fc\u30b8\u30e3\u30fc\u30b5\u30fc\u30d3\u30b9\u306b\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u306e\u8106\u5f31\u6027",
        "trust": 0.8,
        "url": "https://web-material3.yokogawa.com/19/20653/files/ysar-19-0001-j.pdf"
      },
      {
        "title": "Multiple Yokogawa Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89041"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001193"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-972"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-302",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-157344"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001193"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-5909"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/106772"
      },
      {
        "trust": 2.1,
        "url": "https://web-material3.yokogawa.com/1/20653/files/ysar-19-0001-e.pdf"
      },
      {
        "trust": 1.8,
        "url": "http://jvn.jp/vu/jvnvu99147082/index.html"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5909"
      },
      {
        "trust": 1.2,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-029-01"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-5909"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu99147082/"
      },
      {
        "trust": 0.3,
        "url": "http://www.yokogawa.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/287.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-157344"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-5909"
      },
      {
        "db": "BID",
        "id": "106772"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001193"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-5909"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-972"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-157344"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-5909"
      },
      {
        "db": "BID",
        "id": "106772"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001193"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-5909"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-972"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-02-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-157344"
      },
      {
        "date": "2019-02-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-5909"
      },
      {
        "date": "2019-01-29T00:00:00",
        "db": "BID",
        "id": "106772"
      },
      {
        "date": "2019-01-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-001193"
      },
      {
        "date": "2019-02-13T18:29:00.747000",
        "db": "NVD",
        "id": "CVE-2019-5909"
      },
      {
        "date": "2019-01-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201901-972"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-157344"
      },
      {
        "date": "2020-08-24T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-5909"
      },
      {
        "date": "2019-01-29T00:00:00",
        "db": "BID",
        "id": "106772"
      },
      {
        "date": "2019-01-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-001193"
      },
      {
        "date": "2020-08-24T17:37:01.140000",
        "db": "NVD",
        "id": "CVE-2019-5909"
      },
      {
        "date": "2020-08-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201901-972"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-972"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerabilities with insufficient access restrictions for license manager services of multiple Yokogawa products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001193"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-972"
      }
    ],
    "trust": 0.6
  }
}

var-201901-0794
Vulnerability from variot

Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors. Provided by Yokogawa Electric Corporation Vnet/IP For open communication drivers, disruption of service operation due to driver reception processing (DoS) Vulnerabilities (CWE-399) Exists. This vulnerability information is provided by developers for the purpose of disseminating to product users. JPCERT/CC To report to JPCERT/CC By developers and the United States ICS-CERT And adjusted.Service disruption when processing a large number of packets sent from a remote third party (DoS) State Vnet/IP The communication function of the open communication driver may stop. Yokogawa Vnet/IP Open Communication Driver is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. The following products are affected: Yokogawa CENTUM CS 3000 R3.05.00 through R3.09.5 Yokogawa CENTUM CS 3000 Entry Class R3.05.00 through R3.09.50 Yokogawa CENTUM VP R4.01.00 through R6.03.10 Yokogawa CENTUM VP Entry Class R4.01.00 through R6.03.10 Yokogawa Exaopc R3.10.00 through R3.75.00 Yokogawa PRM R2.06.00 through R3.31.00 Yokogawa ProSafethrough RS R1.02.00 through R4.02.00 Yokogawa FAST/TOOLS R9.02.00 through R10.02.00 Yokogawa B/M9000 VP R6.03.01 through R8.01.90. Yokogawa CENTUM CS 3000, etc. are all products of Japan's Yokogawa (Yokogawa) company. Yokogawa CENTUM CS 3000 is a large-scale production control system. Exaopc is an OPC data access server

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201901-0794",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "prosafe-rs",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.02.00"
      },
      {
        "model": "centum vp entry class",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.01.00"
      },
      {
        "model": "b\\/m9000 vp",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r6.03.01"
      },
      {
        "model": "centum cs 3000",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.05.00"
      },
      {
        "model": "prosafe-rs",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r1.02.00"
      },
      {
        "model": "exaopc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.75.00"
      },
      {
        "model": "centum cs 3000 entry class",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.05.00"
      },
      {
        "model": "exaopc",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.10.00"
      },
      {
        "model": "centum vp entry class",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r6.03.10"
      },
      {
        "model": "plant resource manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.31.00"
      },
      {
        "model": "plant resource manager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r2.06.00"
      },
      {
        "model": "fast\\/tools",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r9.02.00"
      },
      {
        "model": "centum vp",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.01.00"
      },
      {
        "model": "centum cs 3000 entry class",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.09.50"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.09.50"
      },
      {
        "model": "b\\/m9000 vp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r8.01.90"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r6.03.10"
      },
      {
        "model": "fast\\/tools",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r10.02.00"
      },
      {
        "model": "b/m9000 vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r6.03.01 from  r8.01.90  )"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.05.00 from  r3.09.50  )"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "small (r3.05.00 from  r3.09.50  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r4.01.00 from  r6.03.10  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "basic (r4.01.00 from  r6.03.10  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "small (r4.01.00 from  r6.03.10  )"
      },
      {
        "model": "exaopc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.10.00 from  r3.75.00  )"
      },
      {
        "model": "fast/tools",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r9.02.00 from  r10.02.00  )"
      },
      {
        "model": "prm",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r2.06.00 from  r3.31.00  )"
      },
      {
        "model": "prosafe-rs",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r1.02.00 from  r4.02.00  )"
      },
      {
        "model": "prosafe-rs r4.02.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r3.02.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r2.03.80",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r1.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r1.02.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r3.31.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r3.12.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r3.11.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r2.06.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.05-sp2",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.05",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.04",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.02.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r10.02.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r10.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.75.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.72.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.72.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.72.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.71.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.10.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r6.03.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r5.04.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r5.03.51",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r5.03.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r5.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r4.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r4.01.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r6.03.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.04.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.04.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r4.03.56",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r4.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r4.01.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum cs entry class r3.09.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs entry class r3.05.00",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.09.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.09",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08.70",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.07",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.06",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.05.00",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "b/m9000 vp r8.01.90",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r8.01.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r7.03.04",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r7.03.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r6.03.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r4.03.00",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r4.01.00",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r10.03.00",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.76.00",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp entry class r6.04.00",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r6.04.00",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "106442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010809"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-16196"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.09.50",
                    "versionStartIncluding": "r3.05.00",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000_entry_class:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.09.50",
                "versionStartIncluding": "r3.05.00",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r6.03.10",
                    "versionStartIncluding": "r4.01.00",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp_entry_class:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r6.03.10",
                "versionStartIncluding": "r4.01.00",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.75.00",
                "versionStartIncluding": "r3.10.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:b\\/m9000_vp:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r8.01.90",
                "versionStartIncluding": "r6.03.01",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:fast\\/tools:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r10.02.00",
                "versionStartIncluding": "r9.02.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:prosafe-rs:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r4.02.00",
                "versionStartIncluding": "r1.02.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:plant_resource_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.31.00",
                "versionStartIncluding": "r2.06.00",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-16196"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "106442"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-16196",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "JPCERT/CC",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2018-010809",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-126531",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "JPCERT/CC",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2018-010809",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-16196",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "JPCERT/CC",
            "id": "JVNDB-2018-010809",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201901-077",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-126531",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-126531"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010809"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-16196"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-077"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver\u0027s communication via unspecified vectors. Provided by Yokogawa Electric Corporation Vnet/IP For open communication drivers, disruption of service operation due to driver reception processing (DoS) Vulnerabilities (CWE-399) Exists. This vulnerability information is provided by developers for the purpose of disseminating to product users. JPCERT/CC To report to JPCERT/CC By developers and the United States ICS-CERT And adjusted.Service disruption when processing a large number of packets sent from a remote third party (DoS) State Vnet/IP The communication function of the open communication driver may stop. Yokogawa Vnet/IP Open Communication Driver is prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to cause denial-of-service conditions. \nThe following products are affected:\nYokogawa CENTUM CS 3000 R3.05.00 through R3.09.5\nYokogawa CENTUM CS 3000 Entry Class R3.05.00 through R3.09.50\nYokogawa CENTUM VP R4.01.00 through R6.03.10\nYokogawa CENTUM VP Entry Class R4.01.00 through R6.03.10\nYokogawa Exaopc R3.10.00 through R3.75.00\nYokogawa PRM R2.06.00 through R3.31.00\nYokogawa ProSafethrough RS R1.02.00 through R4.02.00\nYokogawa FAST/TOOLS R9.02.00 through R10.02.00\nYokogawa  B/M9000 VP R6.03.01 through R8.01.90. Yokogawa CENTUM CS 3000, etc. are all products of Japan\u0027s Yokogawa (Yokogawa) company. Yokogawa CENTUM CS 3000 is a large-scale production control system. Exaopc is an OPC data access server",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-16196"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010809"
      },
      {
        "db": "BID",
        "id": "106442"
      },
      {
        "db": "VULHUB",
        "id": "VHN-126531"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-16196",
        "trust": 2.8
      },
      {
        "db": "JVN",
        "id": "JVNVU93652047",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "106442",
        "trust": 1.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-003-02",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010809",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-077",
        "trust": 0.7
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-98824",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-126531",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-126531"
      },
      {
        "db": "BID",
        "id": "106442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010809"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-16196"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-077"
      }
    ]
  },
  "id": "VAR-201901-0794",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-126531"
      }
    ],
    "trust": 0.5455670125
  },
  "last_update_date": "2023-12-18T12:50:27.012000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "YSAR-18-0008: Vnet/IP\u30aa\u30fc\u30d7\u30f3\u901a\u4fe1\u30c9\u30e9\u30a4\u30d0\u306b\u30b5\u30fc\u30d3\u30b9\u904b\u7528\u59a8\u5bb3(DoS)\u306e\u8106\u5f31\u6027",
        "trust": 0.8,
        "url": "https://www.yokogawa.co.jp/library/resources/white-papers/yokogawa-security-advisory-report-list/"
      },
      {
        "title": "Yokogawa Exaopc Enter the fix for the verification vulnerability",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89500"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010809"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-077"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-399",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-126531"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010809"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-16196"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "https://web-material3.yokogawa.com/ysar-18-0008-e.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://jvn.jp/vu/jvnvu93652047/index.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/106442"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-003-02"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16196"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu93652047/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-16196"
      },
      {
        "trust": 0.3,
        "url": "https://www.yokogawa.com/in"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-126531"
      },
      {
        "db": "BID",
        "id": "106442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010809"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-16196"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-077"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-126531"
      },
      {
        "db": "BID",
        "id": "106442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010809"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-16196"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-077"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-01-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-126531"
      },
      {
        "date": "2019-12-21T00:00:00",
        "db": "BID",
        "id": "106442"
      },
      {
        "date": "2018-12-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-010809"
      },
      {
        "date": "2019-01-09T23:29:04.560000",
        "db": "NVD",
        "id": "CVE-2018-16196"
      },
      {
        "date": "2019-01-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201901-077"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-02-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-126531"
      },
      {
        "date": "2019-12-21T00:00:00",
        "db": "BID",
        "id": "106442"
      },
      {
        "date": "2019-08-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-010809"
      },
      {
        "date": "2019-02-14T14:59:40.957000",
        "db": "NVD",
        "id": "CVE-2018-16196"
      },
      {
        "date": "2019-02-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201901-077"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "106442"
      }
    ],
    "trust": 0.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Yokogawa Electric  Vnet/IP Service operation disruption to open communication drivers  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-010809"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201901-077"
      }
    ],
    "trust": 0.6
  }
}

var-202002-0867
Vulnerability from variot

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to execute arbitrary code via a crafted packet. Provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product's communication capabilities. Integrated production control system provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product's communication capabilities. * * Vulnerability that stops communication functions by receiving specially crafted packets (CVE-2015-5626) * * Vulnerability that could cause a process to stop by receiving a specially crafted packet (CVE-2015-5627) * * Vulnerability that allows arbitrary code to be executed by receiving specially crafted packets (CVE-2015-5628) For details, please check the information provided by the product developer.By receiving a specially crafted communication frame, the communication function and the process that has the communication function may be stopped, or arbitrary code may be executed with the authority of the system that executes the process. According to product developers, this vulnerability could be exploited if the network of the entire system is properly managed, such as the network to which the affected product is connected is blocked from other networks. It is said that it is low. Yokogawa Japan Yokogawa Electric Corporation is a leader in measurement, industrial automation control, and information systems. A stack buffer overflow vulnerability exists in multiple Yokogawa products. The attacker sends a constructed packet to exploit the vulnerability to cause network communication to become unresponsive. Successful exploits may allow an attacker to execute arbitrary code or to cause a denial-of-service condition. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Yokogawa CENTUM CS 3000, etc. are all products of Japan Yokogawa (Yokogawa). Yokogawa CENTUM CS 3000 is a large-scale production control system. Exaopc is an OPC data access server. Exaquantum is a plant information management system (PIMS) for the process industry

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202002-0867",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "prosafe-rs",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.02.10"
      },
      {
        "model": "exaplog",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.40.00"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r5.04.20"
      },
      {
        "model": "field wireless device opc server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r2.01.02"
      },
      {
        "model": "exaquantum",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r2.85.00"
      },
      {
        "model": "b\\/m9000 vp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r7.03.04"
      },
      {
        "model": "stardom opc server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.40"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.09.50"
      },
      {
        "model": "centum vp entry",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r5.04.20"
      },
      {
        "model": "exapilot",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.96.10"
      },
      {
        "model": "fieldmate",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r1.02"
      },
      {
        "model": "exaopc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.72.00"
      },
      {
        "model": "centum cs 3000 entry",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.09.50"
      },
      {
        "model": "exarqe",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.03.20"
      },
      {
        "model": "plant resource manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.12.00"
      },
      {
        "model": "exasmoc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.03.20"
      },
      {
        "model": "exaquantum\\/batch",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r2.50.30"
      },
      {
        "model": "centum cs 1000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.08.70"
      },
      {
        "model": "versatile data server software",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r7.30.01"
      },
      {
        "model": "b\\/m9000cs",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r5.05.01"
      },
      {
        "model": "fieldmate",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r1.01"
      },
      {
        "model": "scada software \\",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r10.01"
      },
      {
        "model": "exaopc \u003c=r3.72.00",
        "scope": null,
        "trust": 0.8,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum cs",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "yokogawa",
        "version": "1000"
      },
      {
        "model": "b/m9000 vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r7.03.04  )"
      },
      {
        "model": "b/m9000cs",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r5.05.01  )"
      },
      {
        "model": "centum cs 1000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.08.70  )"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.09.50  )"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "small (r3.09.50  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r5.04.20  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "basic (r5.04.20  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "small (r5.04.20  )"
      },
      {
        "model": "exaopc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.72.00  )"
      },
      {
        "model": "exapilot",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.96.10  )"
      },
      {
        "model": "exaplog",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.40.00  )"
      },
      {
        "model": "exaquantum",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r2.85.00  )"
      },
      {
        "model": "exaquantum",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "/batch (r2.50.30  )"
      },
      {
        "model": "exarqe",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r4.03.20  )"
      },
      {
        "model": "exasmoc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r4.03.20  )"
      },
      {
        "model": "fast/tools",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r10.01  )"
      },
      {
        "model": "fieldmate",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r1.01 and r1.02)"
      },
      {
        "model": "prm",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.12.00  )"
      },
      {
        "model": "prosafe-rs",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.02.10  )"
      },
      {
        "model": "stardom",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "opc server for windows (r3.40  )"
      },
      {
        "model": "stardom",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "vds (r7.30.01  )"
      },
      {
        "model": "for field wireless opc server",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r2.01.02  )"
      },
      {
        "model": "centum centum vp entry",
        "scope": null,
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum vp",
        "scope": null,
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum cs entry",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum centum cs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "stardom vds r7.30.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "stardom opc server for windows r3.40",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r3.02.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r2.03.80",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r1.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r3.12.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r3.11.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fieldmate r1.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fieldmate r1.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "field wireless device opc server r2.01.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "field wireless device opc server r2.01.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.05-sp2",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.05",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.04",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r10.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exasmoc r4.03.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exarqe r4.03.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum/batch r2.50.30",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum/batch r2.50.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.85.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.80.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.50.30",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.02.50",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaplog r3.40.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exapilot r3.96.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exapilot r3.96.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.72.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.72.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.71.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3.72.00"
      },
      {
        "model": "exaopc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3.71.02"
      },
      {
        "model": "centum vp entry r5.04.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.04.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.04.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r4.03.56",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r4.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum cs entry r3.09.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.09.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.09",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08.70",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.07",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.06",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.05",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.04",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.03",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.02",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.01",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08.70",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "1000"
      },
      {
        "model": "b/m9000cs r5.05.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r7.03.04",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r7.03.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum vp entry",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "*"
      },
      {
        "model": "centum centum vp",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "*"
      },
      {
        "model": "centum centum cs entry",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "3000*"
      },
      {
        "model": "centum centum cs",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "3000*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81247038-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05995"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5628"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_cs_1000_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.08.70",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_1000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.09.50",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_cs_3000_entry_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.09.50",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000_entry:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r5.04.20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r5.04.20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:prosafe-rs_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.02.10",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:prosafe-rs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.72.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exapilot:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.96.10",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaplog:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.40.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaquantum:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r2.85.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaquantum\\/batch:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r2.50.30",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exarqe:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r4.03.20",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exasmoc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r4.03.20",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:field_wireless_device_opc_server:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r2.01.02",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:field_wireless_device_opc_server:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:plant_resource_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.12.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:scada_software_\\(fast\\/tools\\):*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r10.01",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:versatile_data_server_software:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r7.30.01",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:b\\/m9000cs_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r5.05.01",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:b\\/m9000cs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:b\\/m9000_vp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r7.03.04",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:b\\/m9000_vp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:fieldmate:r1.01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:fieldmate:r1.02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:stardom_opc_server:*:*:*:*:*:windows:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.40",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:stardom_opc_server:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-5628"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "76709"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-5628",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "JVNDB-2015-004852",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2015-05995",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "81247038-2351-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-83589",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-5628",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-5628",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2015-004852",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-05995",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201509-479",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "81247038-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-83589",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2015-5628",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81247038-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05995"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83589"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5628"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-479"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to execute arbitrary code via a crafted packet. Provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product\u0027s communication capabilities. Integrated production control system provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product\u0027s communication capabilities. * * Vulnerability that stops communication functions by receiving specially crafted packets (CVE-2015-5626) * * Vulnerability that could cause a process to stop by receiving a specially crafted packet (CVE-2015-5627) * * Vulnerability that allows arbitrary code to be executed by receiving specially crafted packets (CVE-2015-5628) For details, please check the information provided by the product developer.By receiving a specially crafted communication frame, the communication function and the process that has the communication function may be stopped, or arbitrary code may be executed with the authority of the system that executes the process. According to product developers, this vulnerability could be exploited if the network of the entire system is properly managed, such as the network to which the affected product is connected is blocked from other networks. It is said that it is low. Yokogawa Japan Yokogawa Electric Corporation is a leader in measurement, industrial automation control, and information systems. A stack buffer overflow vulnerability exists in multiple Yokogawa products. The attacker sends a constructed packet to exploit the vulnerability to cause network communication to become unresponsive. \nSuccessful exploits may allow an attacker to execute arbitrary code or to cause a  denial-of-service condition. **  ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Yokogawa CENTUM CS 3000, etc. are all products of Japan Yokogawa (Yokogawa). Yokogawa CENTUM CS 3000 is a large-scale production control system. Exaopc is an OPC data access server. Exaquantum is a plant information management system (PIMS) for the process industry",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-5628"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05995"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "IVD",
        "id": "81247038-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83589"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5628"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-5628",
        "trust": 3.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-15-253-01",
        "trust": 3.5
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-479",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05995",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU92677348",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852",
        "trust": 0.8
      },
      {
        "db": "BID",
        "id": "76709",
        "trust": 0.4
      },
      {
        "db": "IVD",
        "id": "81247038-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-83589",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5628",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81247038-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05995"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83589"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5628"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-479"
      }
    ]
  },
  "id": "VAR-202002-0867",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "81247038-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05995"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83589"
      }
    ],
    "trust": 1.3960373416666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "81247038-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05995"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:35:45.366000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "\u6a2a\u6cb3\u96fb\u6a5f\u682a\u5f0f\u4f1a\u793e \u306e\u544a\u77e5\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://www.yokogawa.co.jp/dcs/security/ysar/dcs-ysar-index-ja.htm"
      },
      {
        "title": "Patch for Yokogawa Multiple Product Stack Buffer Overflow Vulnerability (CNVD-2015-05995)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/63993"
      },
      {
        "title": "Multiple Yokogawa Product Buffer Error Vulnerability Fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=108067"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-05995"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-479"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-83589"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5628"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-15-253-01"
      },
      {
        "trust": 2.1,
        "url": "http://www.yokogawa.com/dcs/security/ysar/ysar-15-0003e.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5626"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5627"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5628"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu92677348/index.html"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5628"
      },
      {
        "trust": 0.3,
        "url": "http://www.yokogawa.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/787.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.securityfocus.com/bid/76709"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-05995"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83589"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5628"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-479"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "81247038-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05995"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83589"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5628"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5628"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-479"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-09-16T00:00:00",
        "db": "IVD",
        "id": "81247038-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2015-09-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-05995"
      },
      {
        "date": "2020-02-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-83589"
      },
      {
        "date": "2020-02-05T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-5628"
      },
      {
        "date": "2015-09-10T00:00:00",
        "db": "BID",
        "id": "76709"
      },
      {
        "date": "2015-09-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "date": "2020-02-05T19:15:10.397000",
        "db": "NVD",
        "id": "CVE-2015-5628"
      },
      {
        "date": "2015-09-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201509-479"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-09-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-05995"
      },
      {
        "date": "2020-02-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-83589"
      },
      {
        "date": "2020-02-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-5628"
      },
      {
        "date": "2015-09-10T00:00:00",
        "db": "BID",
        "id": "76709"
      },
      {
        "date": "2015-09-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "date": "2020-02-12T20:16:13.513000",
        "db": "NVD",
        "id": "CVE-2015-5628"
      },
      {
        "date": "2020-05-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201509-479"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-479"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CENTUM Including multiple  YOKOGAWA Multiple vulnerabilities in product communication functions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-479"
      }
    ],
    "trust": 0.6
  }
}

var-202002-0865
Vulnerability from variot

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (network-communications outage) via a crafted packet. Provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product's communication capabilities. Integrated production control system provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product's communication capabilities. * * Vulnerability that stops communication functions by receiving specially crafted packets (CVE-2015-5626) * * Vulnerability that could cause a process to stop by receiving a specially crafted packet (CVE-2015-5627) * * Vulnerability that allows arbitrary code to be executed by receiving specially crafted packets (CVE-2015-5628) For details, please check the information provided by the product developer.By receiving a specially crafted communication frame, the communication function and the process that has the communication function may be stopped, or arbitrary code may be executed with the authority of the system that executes the process. According to product developers, this vulnerability could be exploited if the network of the entire system is properly managed, such as the network to which the affected product is connected is blocked from other networks. It is said that it is low. Yokogawa Japan Yokogawa Electric Corporation is a leader in measurement, industrial automation control, and information systems. A stack buffer overflow vulnerability exists in multiple Yokogawa products. The attacker sends a constructed packet to exploit the vulnerability to cause network communication to become unresponsive. Successful exploits may allow an attacker to execute arbitrary code or to cause a denial-of-service condition. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Yokogawa CENTUM CS, etc. are all products of Japan's Yokogawa Electric (Yokogawa) company. Yokogawa CENTUM CS and CENTUM VP are large-scale production control systems. Exaopc is an OPC data access server

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202002-0865",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "prosafe-rs",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.02.10"
      },
      {
        "model": "exaplog",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.40.00"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r5.04.20"
      },
      {
        "model": "field wireless device opc server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r2.01.02"
      },
      {
        "model": "exaquantum",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r2.85.00"
      },
      {
        "model": "b\\/m9000 vp",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r7.03.04"
      },
      {
        "model": "stardom opc server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.40"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.09.50"
      },
      {
        "model": "centum vp entry",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r5.04.20"
      },
      {
        "model": "exapilot",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.96.10"
      },
      {
        "model": "fieldmate",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r1.02"
      },
      {
        "model": "exaopc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.72.00"
      },
      {
        "model": "centum cs 3000 entry",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.09.50"
      },
      {
        "model": "exarqe",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.03.20"
      },
      {
        "model": "plant resource manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.12.00"
      },
      {
        "model": "exasmoc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r4.03.20"
      },
      {
        "model": "exaquantum\\/batch",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r2.50.30"
      },
      {
        "model": "centum cs 1000",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r3.08.70"
      },
      {
        "model": "versatile data server software",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r7.30.01"
      },
      {
        "model": "b\\/m9000cs",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r5.05.01"
      },
      {
        "model": "fieldmate",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r1.01"
      },
      {
        "model": "scada software \\",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "yokogawa",
        "version": "r10.01"
      },
      {
        "model": "exaopc \u003c=r3.72.00",
        "scope": null,
        "trust": 0.8,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum cs",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "yokogawa",
        "version": "1000"
      },
      {
        "model": "b/m9000 vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r7.03.04  )"
      },
      {
        "model": "b/m9000cs",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r5.05.01  )"
      },
      {
        "model": "centum cs 1000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.08.70  )"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.09.50  )"
      },
      {
        "model": "centum cs 3000",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "small (r3.09.50  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r5.04.20  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "basic (r5.04.20  )"
      },
      {
        "model": "centum vp",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "small (r5.04.20  )"
      },
      {
        "model": "exaopc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.72.00  )"
      },
      {
        "model": "exapilot",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.96.10  )"
      },
      {
        "model": "exaplog",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.40.00  )"
      },
      {
        "model": "exaquantum",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r2.85.00  )"
      },
      {
        "model": "exaquantum",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "/batch (r2.50.30  )"
      },
      {
        "model": "exarqe",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r4.03.20  )"
      },
      {
        "model": "exasmoc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r4.03.20  )"
      },
      {
        "model": "fast/tools",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r10.01  )"
      },
      {
        "model": "fieldmate",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r1.01 and r1.02)"
      },
      {
        "model": "prm",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.12.00  )"
      },
      {
        "model": "prosafe-rs",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r3.02.10  )"
      },
      {
        "model": "stardom",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "opc server for windows (r3.40  )"
      },
      {
        "model": "stardom",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "vds (r7.30.01  )"
      },
      {
        "model": "for field wireless opc server",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "yokogawa electric",
        "version": "(r2.01.02  )"
      },
      {
        "model": "centum centum vp entry",
        "scope": null,
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum vp",
        "scope": null,
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum cs entry",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum centum cs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "stardom vds r7.30.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "stardom opc server for windows r3.40",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r3.02.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r2.03.80",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prosafe-rs r1.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r3.12.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "prm r3.11.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fieldmate r1.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fieldmate r1.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "field wireless device opc server r2.01.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "field wireless device opc server r2.01.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.05-sp2",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.05",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.04",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.03",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r9.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "fast/tools r10.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exasmoc r4.03.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exarqe r4.03.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum/batch r2.50.30",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum/batch r2.50.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.85.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.80.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.50.30",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaquantum r2.02.50",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaplog r3.40.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exapilot r3.96.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exapilot r3.96.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.72.10",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.72.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc r3.71.02",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "exaopc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3.72.00"
      },
      {
        "model": "exaopc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3.71.02"
      },
      {
        "model": "centum vp entry r5.04.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.04.20",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r5.04.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r4.03.56",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum vp r4.03.00",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum cs entry r3.09.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.09.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.09",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08.70",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08.50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.07",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.06",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.05",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.04",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.03",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.02",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.01",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "3000"
      },
      {
        "model": "centum cs r3.08.70",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": "1000"
      },
      {
        "model": "b/m9000cs r5.05.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r7.03.04",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "b/m9000 vp r7.03.01",
        "scope": null,
        "trust": 0.3,
        "vendor": "yokogawa",
        "version": null
      },
      {
        "model": "centum centum vp entry",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "*"
      },
      {
        "model": "centum centum vp",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "*"
      },
      {
        "model": "centum centum cs entry",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "3000*"
      },
      {
        "model": "centum centum cs",
        "scope": "eq",
        "trust": 0.2,
        "vendor": "yokogawa",
        "version": "3000*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "8128c7be-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5626"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_cs_1000_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.08.70",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_1000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.09.50",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_cs_3000_entry_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.09.50",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000_entry:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r5.04.20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r5.04.20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:prosafe-rs_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.02.10",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:prosafe-rs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.72.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exapilot:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.96.10",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaplog:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.40.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaquantum:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r2.85.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exaquantum\\/batch:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r2.50.30",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exarqe:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r4.03.20",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:exasmoc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r4.03.20",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:field_wireless_device_opc_server:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r2.01.02",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:field_wireless_device_opc_server:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:plant_resource_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r3.12.00",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:scada_software_\\(fast\\/tools\\):*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r10.01",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:versatile_data_server_software:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "r7.30.01",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:b\\/m9000cs_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r5.05.01",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:b\\/m9000cs:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:b\\/m9000_vp_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r7.03.04",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:b\\/m9000_vp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:fieldmate:r1.01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:yokogawa:fieldmate:r1.02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yokogawa:stardom_opc_server:*:*:*:*:*:windows:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "r3.40",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yokogawa:stardom_opc_server:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-5626"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "76709"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-5626",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "JVNDB-2015-004852",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2015-05997",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "8128c7be-2351-11e6-abef-000c29c66e3d",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-83587",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-5626",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-5626",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2015-004852",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-05997",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201509-477",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "8128c7be-2351-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-83587",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2015-5626",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "8128c7be-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83587"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5626"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5626"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-477"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to cause a denial of service (network-communications outage) via a crafted packet. Provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product\u0027s communication capabilities. Integrated production control system provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA There are multiple vulnerabilities in the product\u0027s communication capabilities. * * Vulnerability that stops communication functions by receiving specially crafted packets (CVE-2015-5626) * * Vulnerability that could cause a process to stop by receiving a specially crafted packet (CVE-2015-5627) * * Vulnerability that allows arbitrary code to be executed by receiving specially crafted packets (CVE-2015-5628) For details, please check the information provided by the product developer.By receiving a specially crafted communication frame, the communication function and the process that has the communication function may be stopped, or arbitrary code may be executed with the authority of the system that executes the process. According to product developers, this vulnerability could be exploited if the network of the entire system is properly managed, such as the network to which the affected product is connected is blocked from other networks. It is said that it is low. Yokogawa Japan Yokogawa Electric Corporation is a leader in measurement, industrial automation control, and information systems. A stack buffer overflow vulnerability exists in multiple Yokogawa products. The attacker sends a constructed packet to exploit the vulnerability to cause network communication to become unresponsive. \nSuccessful exploits may allow an attacker to execute arbitrary code or to cause a  denial-of-service condition. **  ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Yokogawa CENTUM CS, etc. are all products of Japan\u0027s Yokogawa Electric (Yokogawa) company. Yokogawa CENTUM CS and CENTUM VP are large-scale production control systems. Exaopc is an OPC data access server",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-5626"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "IVD",
        "id": "8128c7be-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83587"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5626"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-5626",
        "trust": 3.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-15-253-01",
        "trust": 3.5
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05997",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-477",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU92677348",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852",
        "trust": 0.8
      },
      {
        "db": "BID",
        "id": "76709",
        "trust": 0.4
      },
      {
        "db": "IVD",
        "id": "8128C7BE-2351-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-83587",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5626",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "8128c7be-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83587"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5626"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5626"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-477"
      }
    ]
  },
  "id": "VAR-202002-0865",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "8128c7be-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83587"
      }
    ],
    "trust": 1.3960373416666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "8128c7be-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:35:45.282000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "\u6a2a\u6cb3\u96fb\u6a5f\u682a\u5f0f\u4f1a\u793e \u306e\u544a\u77e5\u30da\u30fc\u30b8",
        "trust": 0.8,
        "url": "http://www.yokogawa.co.jp/dcs/security/ysar/dcs-ysar-index-ja.htm"
      },
      {
        "title": "Patch of Yokogawa Multiple Product Stack Buffer Overflow Vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/63995"
      },
      {
        "title": "Multiple Yokogawa Product Buffer Error Vulnerability Fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=108065"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-477"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-83587"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5626"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-15-253-01"
      },
      {
        "trust": 2.1,
        "url": "http://www.yokogawa.com/dcs/security/ysar/ysar-15-0003e.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5626"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5627"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5628"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu92677348/index.html"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5626"
      },
      {
        "trust": 0.3,
        "url": "http://www.yokogawa.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/787.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.securityfocus.com/bid/76709"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83587"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5626"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5626"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-477"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "8128c7be-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83587"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-5626"
      },
      {
        "db": "BID",
        "id": "76709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-5626"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-477"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-09-16T00:00:00",
        "db": "IVD",
        "id": "8128c7be-2351-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2015-09-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      },
      {
        "date": "2020-02-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-83587"
      },
      {
        "date": "2020-02-05T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-5626"
      },
      {
        "date": "2015-09-10T00:00:00",
        "db": "BID",
        "id": "76709"
      },
      {
        "date": "2015-09-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "date": "2020-02-05T19:15:10.240000",
        "db": "NVD",
        "id": "CVE-2015-5626"
      },
      {
        "date": "2015-09-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201509-477"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-09-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      },
      {
        "date": "2020-02-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-83587"
      },
      {
        "date": "2020-02-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-5626"
      },
      {
        "date": "2015-09-10T00:00:00",
        "db": "BID",
        "id": "76709"
      },
      {
        "date": "2015-09-28T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-004852"
      },
      {
        "date": "2020-02-12T19:29:49.680000",
        "db": "NVD",
        "id": "CVE-2015-5626"
      },
      {
        "date": "2020-05-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201509-477"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-477"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Yokogawa Multiple Product Stack Buffer Overflow Vulnerabilities",
    "sources": [
      {
        "db": "IVD",
        "id": "8128c7be-2351-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-05997"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201509-477"
      }
    ],
    "trust": 0.6
  }
}