Action not permitted
Modal body text goes here.
CVE-2022-21194
Vulnerability from cvelistv5
Published
2022-03-11 09:10
Modified
2024-08-03 02:31
Severity ?
EPSS score ?
Summary
The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf | Vendor Advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:59.724Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CENTUM VP",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions from R5.01.00 to R5.04.20"
},
{
"status": "affected",
"version": "versions from R6.01.00 to R6.08.00"
}
]
},
{
"product": "Exaopc",
"vendor": "Yokogawa Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions from R3.72.00 to R3.79.00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798: Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-11T09:10:41",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-21194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CENTUM VP",
"version": {
"version_data": [
{
"version_value": "versions from R5.01.00 to R5.04.20"
},
{
"version_value": "versions from R6.01.00 to R6.08.00"
}
]
}
},
{
"product_name": "Exaopc",
"version": {
"version_data": [
{
"version_value": "versions from R3.72.00 to R3.79.00"
}
]
}
}
]
},
"vendor_name": "Yokogawa Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798: Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf",
"refsource": "CONFIRM",
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-21194",
"datePublished": "2022-03-11T09:10:41",
"dateReserved": "2022-02-03T00:00:00",
"dateUpdated": "2024-08-03T02:31:59.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-21194\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2022-03-11T09:15:11.237\",\"lastModified\":\"2022-03-18T14:38:06.727\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.\"},{\"lang\":\"es\",\"value\":\"Los siguientes productos de Yokogawa Electric no cambian las contrase\u00f1as de las cuentas internas de Windows desde la configuraci\u00f3n inicial: CENTUM VP versiones desde R5.01.00 a R5.04.20 y versiones desde R6.01.00 a R6.08.0, Exaopc versiones desde R3.72.00 a R3.79.00\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":6.8},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]},{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"161A4767-228C-4681-9D20-81D9380CE48A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r5.01.00\",\"versionEndIncluding\":\"r5.04.20\",\"matchCriteriaId\":\"D647BA49-5A43-437B-8C58-0294A452AF8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r6.01.00\",\"versionEndExcluding\":\"r6.09.00\",\"matchCriteriaId\":\"01914A03-6248-4183-94FE-64902B0D1DDF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r4.01.00\",\"versionEndIncluding\":\"r4.03.00\",\"matchCriteriaId\":\"1CDBFA61-421D-484C-B33E-938CD58BDCEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r5.01.00\",\"versionEndIncluding\":\"r5.04.20\",\"matchCriteriaId\":\"B25462B1-4031-4FAB-8C67-CF060BE472B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r6.01.00\",\"versionEndExcluding\":\"r6.09.00\",\"matchCriteriaId\":\"27CBFAD9-1DD0-4B18-B8F6-6EB8F6396556\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E37ECBA-48F6-456A-AE49-83347A91208B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"r3.72.00\",\"versionEndExcluding\":\"r3.80.00\",\"matchCriteriaId\":\"4D5233E5-DABF-4CCE-A92F-F437DECFBCB9\"}]}]}],\"references\":[{\"url\":\"https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
icsa-22-083-01
Vulnerability from csaf_cisa
Published
2022-03-24 00:00
Modified
2022-03-24 00:00
Summary
Yokogawa CENTUM and Exaopc
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities in CAMS server functions can be abused to suppress alarms, read or write files, crash the server, or execute arbitrary code.
Critical infrastructure sectors
Critical Manufacturing, Energy, Food and Agriculture
Countries/areas deployed
Worldwide
Company headquarters location
Japan
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"names": [
"Jacob Baines"
],
"organization": "Dragos",
"summary": "reporting these vulnerabilities to Yokogawa"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities in CAMS server functions can be abused to suppress alarms, read or write files, crash the server, or execute arbitrary code.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing, Energy, Food and Agriculture",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-083-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-083-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-083-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-083-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Yokogawa CENTUM and Exaopc",
"tracking": {
"current_release_date": "2022-03-24T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-083-01",
"initial_release_date": "2022-03-24T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-03-24T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-22-083-01 Yokogawa CENTUM and Exaopc"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=R3.08.10 | \u003c= R3.09.00",
"product": {
"name": "CENTUM and Exaopc - CENTUM CS 3000 (Including CENTUM CS 3000 Entry Class): R3.08.10 - R3.09.00",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "CENTUM CS 3000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=R4.01.00 | \u003c= R4.03.00",
"product": {
"name": "CENTUM and Exaopc - R4.01.00 - R4.03.00",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "CENTUM VP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=R5.01.00 | \u003c= R5.04.20",
"product": {
"name": "CENTUM and Exaopc - R5.01.00 - R5.04.20",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "CENTUM VP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=R6.01.00 | \u003c= R6.08.00",
"product": {
"name": "CENTUM and Exaopc - R6.01.00 - R6.08.00",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "CENTUM VP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=R3.72.00 | \u003c= R3.79.00",
"product": {
"name": "CENTUM and Exaopc - Exaopc: (R3.72.00 - R3.79.00)",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "Exaopc"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=R5.04.01 | \u003c= R5.05.01",
"product": {
"name": "CENTUM and Exaopc - B/M9000CS: (R5.04.01 - R5.05.01)",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "B/M9000CS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e=R6.01.01 -| \u003c=R8.03.01",
"product": {
"name": "CENTUM and Exaopc - B/M9000 VP: (R6.01.01 - R8.03.01)",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "B/M9000 VP"
}
],
"category": "vendor",
"name": "Yokogawa"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21194",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "If the password for the OS account created when installing the product has not been changed from the default password and the hard-coded credentials (default password) for the account are used, an attacker could access files and shared memory in the system. The product is not affected by this vulnerability if the default password has been properly changed after installation.CVE-2022-21194 has been assigned to this vulnerability. A CVSS v3 base score of 7.1 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21194"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CENTUM VP: update to R6.09.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Exaopc: update to R3.80.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "CENTUM CS 3000: consider system upgrade to the latest revision of CENTUM VP",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The method of obtaining and updating patch software depends on the support contract of each installation. Users who do not know how to obtain the update and install it should contact their service/sales person.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Please see Yokogawa\u0027s full report (YSAR-22-0001) for update details.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa security.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
},
{
"category": "mitigation",
"details": "Follow the installation instructions for each product and change the password of the OS account created when installing the product to an appropriate one.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The initial password is set by default for the predefined user accounts in CENTUM VP and Exaopc. Be sure to change the initial password.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "When changing the password, ensure that the same password is set in the entire system.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For more information about lists of the predefined user accounts in CENTUM VP and how to change the password for a user account, refer to: \"CENTUM VP Security Guide\"",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa strongly recommends users establish and maintain a full security program. Security program components include patch updates, anti-virus, backup and recovery, zoning, hardening, whitelisting, firewalls, etc.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa can assist in setting up and running security programs. For considering the most effective risk mitigation plan, as a starting point, Yokogawa can perform a security risk assessment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
}
]
},
{
"cve": "CVE-2022-23402",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "If the hard-coded credentials for CAMS server application are used to send a malformed packet to CAMS server, all functions of CAMS server can be abused, including suppressing alarms.CVE-2022-23402 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23402"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CENTUM VP: update to R6.09.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Exaopc: update to R3.80.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "CENTUM CS 3000: consider system upgrade to the latest revision of CENTUM VP",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The method of obtaining and updating patch software depends on the support contract of each installation. Users who do not know how to obtain the update and install it should contact their service/sales person.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Please see Yokogawa\u0027s full report (YSAR-22-0001) for update details.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa security.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
},
{
"category": "mitigation",
"details": "Follow the installation instructions for each product and change the password of the OS account created when installing the product to an appropriate one.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The initial password is set by default for the predefined user accounts in CENTUM VP and Exaopc. Be sure to change the initial password.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "When changing the password, ensure that the same password is set in the entire system.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For more information about lists of the predefined user accounts in CENTUM VP and how to change the password for a user account, refer to: \"CENTUM VP Security Guide\"",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa strongly recommends users establish and maintain a full security program. Security program components include patch updates, anti-virus, backup and recovery, zoning, hardening, whitelisting, firewalls, etc.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa can assist in setting up and running security programs. For considering the most effective risk mitigation plan, as a starting point, Yokogawa can perform a security risk assessment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
}
]
},
{
"cve": "CVE-2022-21808",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "summary",
"text": "A malformed packet sent to a CAMS for HIS server may allow an attacker to achieve relative path traversal and then read and write files or execute commands.CVE-2022-21808 and CVE-2022-22729 have been assigned to these vulnerabilities. A CVSS v3 base score of 7.1 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21808"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22729"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CENTUM VP: update to R6.09.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Exaopc: update to R3.80.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "CENTUM CS 3000: consider system upgrade to the latest revision of CENTUM VP",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The method of obtaining and updating patch software depends on the support contract of each installation. Users who do not know how to obtain the update and install it should contact their service/sales person.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Please see Yokogawa\u0027s full report (YSAR-22-0001) for update details.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa security.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
},
{
"category": "mitigation",
"details": "Follow the installation instructions for each product and change the password of the OS account created when installing the product to an appropriate one.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The initial password is set by default for the predefined user accounts in CENTUM VP and Exaopc. Be sure to change the initial password.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "When changing the password, ensure that the same password is set in the entire system.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For more information about lists of the predefined user accounts in CENTUM VP and how to change the password for a user account, refer to: \"CENTUM VP Security Guide\"",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa strongly recommends users establish and maintain a full security program. Security program components include patch updates, anti-virus, backup and recovery, zoning, hardening, whitelisting, firewalls, etc.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa can assist in setting up and running security programs. For considering the most effective risk mitigation plan, as a starting point, Yokogawa can perform a security risk assessment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
}
]
},
{
"cve": "CVE-2022-22729",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"notes": [
{
"category": "summary",
"text": "A malformed packet sent to a CAMS for HIS server may exploit an output neutralization vulnerability, allowing an attacker to crash the server or manipulate log files.CVE-2022-22151, CVE-2022-21177. and CVE-2022-22145 have been assigned to these vulnerabilities. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22151"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21177"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22145"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CENTUM VP: update to R6.09.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Exaopc: update to R3.80.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "CENTUM CS 3000: consider system upgrade to the latest revision of CENTUM VP",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The method of obtaining and updating patch software depends on the support contract of each installation. Users who do not know how to obtain the update and install it should contact their service/sales person.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Please see Yokogawa\u0027s full report (YSAR-22-0001) for update details.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa security.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
},
{
"category": "mitigation",
"details": "Follow the installation instructions for each product and change the password of the OS account created when installing the product to an appropriate one.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The initial password is set by default for the predefined user accounts in CENTUM VP and Exaopc. Be sure to change the initial password.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "When changing the password, ensure that the same password is set in the entire system.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For more information about lists of the predefined user accounts in CENTUM VP and how to change the password for a user account, refer to: \"CENTUM VP Security Guide\"",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa strongly recommends users establish and maintain a full security program. Security program components include patch updates, anti-virus, backup and recovery, zoning, hardening, whitelisting, firewalls, etc.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa can assist in setting up and running security programs. For considering the most effective risk mitigation plan, as a starting point, Yokogawa can perform a security risk assessment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
}
]
},
{
"cve": "CVE-2022-22151",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A local attacker may be able to utilize a named pipe with inappropriate access privileges to execute arbitrary programs.CVE-2022-22148 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22148"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CENTUM VP: update to R6.09.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Exaopc: update to R3.80.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "CENTUM CS 3000: consider system upgrade to the latest revision of CENTUM VP",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The method of obtaining and updating patch software depends on the support contract of each installation. Users who do not know how to obtain the update and install it should contact their service/sales person.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Please see Yokogawa\u0027s full report (YSAR-22-0001) for update details.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa security.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
},
{
"category": "mitigation",
"details": "Follow the installation instructions for each product and change the password of the OS account created when installing the product to an appropriate one.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The initial password is set by default for the predefined user accounts in CENTUM VP and Exaopc. Be sure to change the initial password.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "When changing the password, ensure that the same password is set in the entire system.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For more information about lists of the predefined user accounts in CENTUM VP and how to change the password for a user account, refer to: \"CENTUM VP Security Guide\"",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa strongly recommends users establish and maintain a full security program. Security program components include patch updates, anti-virus, backup and recovery, zoning, hardening, whitelisting, firewalls, etc.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa can assist in setting up and running security programs. For considering the most effective risk mitigation plan, as a starting point, Yokogawa can perform a security risk assessment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
}
]
},
{
"cve": "CVE-2022-21177",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "summary",
"text": "A local attacker may be able to utilize a named pipe with inappropriate access privileges to delete arbitrary files.CVE-2022-22141 has been assigned to this vulnerability. A CVSS v3 base score of 6.6 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22141"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CENTUM VP: update to R6.09.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Exaopc: update to R3.80.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "CENTUM CS 3000: consider system upgrade to the latest revision of CENTUM VP",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The method of obtaining and updating patch software depends on the support contract of each installation. Users who do not know how to obtain the update and install it should contact their service/sales person.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Please see Yokogawa\u0027s full report (YSAR-22-0001) for update details.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa security.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
},
{
"category": "mitigation",
"details": "Follow the installation instructions for each product and change the password of the OS account created when installing the product to an appropriate one.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The initial password is set by default for the predefined user accounts in CENTUM VP and Exaopc. Be sure to change the initial password.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "When changing the password, ensure that the same password is set in the entire system.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For more information about lists of the predefined user accounts in CENTUM VP and how to change the password for a user account, refer to: \"CENTUM VP Security Guide\"",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa strongly recommends users establish and maintain a full security program. Security program components include patch updates, anti-virus, backup and recovery, zoning, hardening, whitelisting, firewalls, etc.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa can assist in setting up and running security programs. For considering the most effective risk mitigation plan, as a starting point, Yokogawa can perform a security risk assessment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
}
]
},
{
"cve": "CVE-2022-22145",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "summary",
"text": "CENTUM and Exaopc have a DLL injection vulnerability and a DLL planting vulnerability using the DLL search order vulnerability. See this link for further details on this exploit type.CVE-2022-23401 has been assigned to this vulnerability. A CVSS v3 base score of 8.3 has been calculated; the CVSS vector string is (AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23401"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CENTUM VP: update to R6.09.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Exaopc: update to R3.80.00 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "CENTUM CS 3000: consider system upgrade to the latest revision of CENTUM VP",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The method of obtaining and updating patch software depends on the support contract of each installation. Users who do not know how to obtain the update and install it should contact their service/sales person.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Please see Yokogawa\u0027s full report (YSAR-22-0001) for update details.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa security.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
},
{
"category": "mitigation",
"details": "Follow the installation instructions for each product and change the password of the OS account created when installing the product to an appropriate one.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "The initial password is set by default for the predefined user accounts in CENTUM VP and Exaopc. Be sure to change the initial password.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "When changing the password, ensure that the same password is set in the entire system.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For more information about lists of the predefined user accounts in CENTUM VP and how to change the password for a user account, refer to: \"CENTUM VP Security Guide\"",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa strongly recommends users establish and maintain a full security program. Security program components include patch updates, anti-virus, backup and recovery, zoning, hardening, whitelisting, firewalls, etc.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "Yokogawa can assist in setting up and running security programs. For considering the most effective risk mitigation plan, as a starting point, Yokogawa can perform a security risk assessment.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
},
{
"category": "mitigation",
"details": "For questions related to this report, please contact Yokogawa.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
],
"url": "https://contact.yokogawa.com/cs/gw?c-id=000498"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007"
]
}
]
}
]
}
gsd-2022-21194
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-21194",
"description": "The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.",
"id": "GSD-2022-21194"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-21194"
],
"details": "The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.",
"id": "GSD-2022-21194",
"modified": "2023-12-13T01:19:14.788750Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-21194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CENTUM VP",
"version": {
"version_data": [
{
"version_value": "versions from R5.01.00 to R5.04.20"
},
{
"version_value": "versions from R6.01.00 to R6.08.00"
}
]
}
},
{
"product_name": "Exaopc",
"version": {
"version_data": [
{
"version_value": "versions from R3.72.00 to R3.79.00"
}
]
}
}
]
},
"vendor_name": "Yokogawa Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798: Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf",
"refsource": "CONFIRM",
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r5.04.20",
"versionStartIncluding": "r5.01.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r6.09.00",
"versionStartIncluding": "r6.01.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r4.03.00",
"versionStartIncluding": "r4.01.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r5.04.20",
"versionStartIncluding": "r5.01.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r6.09.00",
"versionStartIncluding": "r6.01.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r3.80.00",
"versionStartIncluding": "r3.72.00",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-21194"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-03-18T14:38Z",
"publishedDate": "2022-03-11T09:15Z"
}
}
}
ghsa-27px-4rjc-4chg
Vulnerability from github
Published
2022-03-12 00:00
Modified
2022-03-19 00:01
Severity ?
Details
The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.
{
"affected": [],
"aliases": [
"CVE-2022-21194"
],
"database_specific": {
"cwe_ids": [
"CWE-798"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-11T09:15:00Z",
"severity": "CRITICAL"
},
"details": "The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.",
"id": "GHSA-27px-4rjc-4chg",
"modified": "2022-03-19T00:01:22Z",
"published": "2022-03-12T00:00:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21194"
},
{
"type": "WEB",
"url": "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
var-202203-0850
Vulnerability from variot
The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202203-0850",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "centum vp entry",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r5.01.00"
},
{
"model": "centum vp",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r5.01.00"
},
{
"model": "centum vp entry",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r4.01.00"
},
{
"model": "exaopc",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r3.72.00"
},
{
"model": "centum vp",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r5.04.20"
},
{
"model": "exaopc",
"scope": "lt",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r3.80.00"
},
{
"model": "centum vp entry",
"scope": "lt",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r6.09.00"
},
{
"model": "centum vp entry",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r4.03.00"
},
{
"model": "centum vp entry",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r5.04.20"
},
{
"model": "centum vp entry",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r6.01.00"
},
{
"model": "centum vp",
"scope": "lt",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r6.09.00"
},
{
"model": "centum vp",
"scope": "gte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r6.01.00"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-21194"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r5.04.20",
"versionStartIncluding": "r5.01.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r6.09.00",
"versionStartIncluding": "r6.01.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r4.03.00",
"versionStartIncluding": "r4.01.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r5.04.20",
"versionStartIncluding": "r5.01.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r6.09.00",
"versionStartIncluding": "r6.01.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "r3.80.00",
"versionStartIncluding": "r3.72.00",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-21194"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jacob Baines from Dragos reported these vulnerabilities to Yokogawa.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-1158"
}
],
"trust": 0.6
},
"cve": "CVE-2022-21194",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-414055",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-21194",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-1158",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-414055",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-414055"
},
{
"db": "NVD",
"id": "CVE-2022-21194"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1158"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-21194"
},
{
"db": "VULHUB",
"id": "VHN-414055"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-21194",
"trust": 1.7
},
{
"db": "CS-HELP",
"id": "SB2022032906",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1276",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-083-01",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1158",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-414055",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-414055"
},
{
"db": "NVD",
"id": "CVE-2022-21194"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1158"
}
]
},
"id": "VAR-202203-0850",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-414055"
}
],
"trust": 0.3653070266666667
},
"last_update_date": "2023-12-18T11:56:27.032000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Yokogawa Electric Repair measures for trust management problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=186339"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-1158"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-414055"
},
{
"db": "NVD",
"id": "CVE-2022-21194"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://web-material3.yokogawa.com/1/32094/files/ysar-22-0001-e.pdf"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022032906"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1276"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-21194/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-083-01"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-414055"
},
{
"db": "NVD",
"id": "CVE-2022-21194"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1158"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-414055"
},
{
"db": "NVD",
"id": "CVE-2022-21194"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-1158"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-11T00:00:00",
"db": "VULHUB",
"id": "VHN-414055"
},
{
"date": "2022-03-11T09:15:11.237000",
"db": "NVD",
"id": "CVE-2022-21194"
},
{
"date": "2022-03-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-1158"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-18T00:00:00",
"db": "VULHUB",
"id": "VHN-414055"
},
{
"date": "2022-03-18T14:38:06.727000",
"db": "NVD",
"id": "CVE-2022-21194"
},
{
"date": "2022-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-1158"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-1158"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yokogawa Electric Trust Management Issue Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-1158"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-1158"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.