VAR-201405-0456
Vulnerability from variot - Updated: 2023-12-18 12:21Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier allows remote attackers to execute arbitrary code via a crafted packet. plural YOKOGAWA Product extended test function package BKESimmgr.exe Contains a stack-based buffer overflow vulnerability.A third party may be able to execute arbitrary code via a crafted packet. The Yokogawa CENTUM CS3000 is a production control system. Yokogawa's multiple product simulator management process has a stack buffer overflow vulnerability due to the Yokogawa CENTUM CS3000 BKESimmgr.exe service failing to properly use memcpy to handle user-submitted special requests, allowing remote attackers to exploit vulnerabilities for buffer overflow attacks, making applications The context executes arbitrary code. Multiple Yokogawa products are prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successful exploits may allow an attacker to execute arbitrary code with system privileges. Failed attempts will likely cause a denial-of-service condition. Yokogawa CENTUM CS, etc. are all products of Japan's Yokogawa Electric (Yokogawa) company. Exaopc is an OPC data access server. Version 71.02 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.0 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0456",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "centum cs 1000 software",
"scope": "eq",
"trust": 1.6,
"vendor": "yokogawa",
"version": null
},
{
"model": "b\\/m9000cs",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp entry class",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum cs 3000 entry class software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "3.09.50"
},
{
"model": "centum cs 3000 software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "2.23.00"
},
{
"model": "b\\/m9000 vp software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "7.03.01"
},
{
"model": "centum vp",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum cs 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "b\\/m9000 vp",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "exaopc",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "3.71.02"
},
{
"model": "centum vp entry class software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "5.03.00"
},
{
"model": "centum cs 3000 entry class",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "4.03.00"
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "b\\/m9000cs software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "5.05.01"
},
{
"model": "b/m9000 vp",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "b/m9000 vp software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r7.03.01"
},
{
"model": "b/m9000cs",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "b/m9000cs software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r5.05.01"
},
{
"model": "centum cs 1000",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum cs 1000 software",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum cs 3000",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum cs 3000 entry class",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum cs 3000 entry class software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r3.09.50"
},
{
"model": "centum cs 3000 software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r2.23.00"
},
{
"model": "centum vp",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum vp entry class",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum vp entry class software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r5.03.00"
},
{
"model": "centum vp software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r4.03.00"
},
{
"model": "exaopc",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r3.71.02"
},
{
"model": "cs3000",
"scope": null,
"trust": 0.6,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum cs 3000 entry class software",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "3.09.50"
},
{
"model": "b\\/m9000cs software",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "5.05.01"
},
{
"model": "exaopc",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "3.71.02"
},
{
"model": "centum cs 3000 software",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "2.23.00"
},
{
"model": "centum vp entry class software",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "5.03.00"
},
{
"model": "b\\/m9000 vp software",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "7.03.01"
},
{
"model": "centum vp software",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "4.03.00"
},
{
"model": "cs3000",
"scope": "eq",
"trust": 0.2,
"vendor": "yokogawa electric",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03050"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002535"
},
{
"db": "NVD",
"id": "CVE-2014-0782"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-286"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:b\\/m9000cs_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.05.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:b\\/m9000cs:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_1000_software:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.23.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000_entry_class_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.09.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000_entry_class:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.71.02",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:b\\/m9000_vp_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.03.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:b\\/m9000_vp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp_entry_class_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.03.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp_entry_class:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.03.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0782"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "juan vazquez",
"sources": [
{
"db": "BID",
"id": "67324"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0782",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-0782",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-03050",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-68275",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0782",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-03050",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-286",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-68275",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03050"
},
{
"db": "VULHUB",
"id": "VHN-68275"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002535"
},
{
"db": "NVD",
"id": "CVE-2014-0782"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-286"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier allows remote attackers to execute arbitrary code via a crafted packet. plural YOKOGAWA Product extended test function package BKESimmgr.exe Contains a stack-based buffer overflow vulnerability.A third party may be able to execute arbitrary code via a crafted packet. The Yokogawa CENTUM CS3000 is a production control system. Yokogawa\u0027s multiple product simulator management process has a stack buffer overflow vulnerability due to the Yokogawa CENTUM CS3000 BKESimmgr.exe service failing to properly use memcpy to handle user-submitted special requests, allowing remote attackers to exploit vulnerabilities for buffer overflow attacks, making applications The context executes arbitrary code. Multiple Yokogawa products are prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. \nSuccessful exploits may allow an attacker to execute arbitrary code with system privileges. Failed attempts will likely cause a denial-of-service condition. Yokogawa CENTUM CS, etc. are all products of Japan\u0027s Yokogawa Electric (Yokogawa) company. Exaopc is an OPC data access server. Version 71.02 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.0 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0782"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002535"
},
{
"db": "CNVD",
"id": "CNVD-2014-03050"
},
{
"db": "BID",
"id": "67324"
},
{
"db": "IVD",
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-68275"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-68275",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68275"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0782",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-14-133-01",
"trust": 2.5
},
{
"db": "BID",
"id": "67324",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201405-286",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-03050",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-14-070-01",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU98181377",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002535",
"trust": 0.8
},
{
"db": "EXPLOIT-DB",
"id": "33331",
"trust": 0.7
},
{
"db": "EXPLOITDB",
"id": "33331",
"trust": 0.6
},
{
"db": "IVD",
"id": "FB553AC2-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126573",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-86556",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-68275",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03050"
},
{
"db": "VULHUB",
"id": "VHN-68275"
},
{
"db": "BID",
"id": "67324"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002535"
},
{
"db": "NVD",
"id": "CVE-2014-0782"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-286"
}
]
},
"id": "VAR-201405-0456",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03050"
},
{
"db": "VULHUB",
"id": "VHN-68275"
}
],
"trust": 1.4101788266666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03050"
}
]
},
"last_update_date": "2023-12-18T12:21:23.728000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "YSAR-14-0001: CENTUM \u3092\u542b\u3080 YOKOGAWA \u88fd\u54c1\u306b\u8907\u6570\u306e\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "http://www.yokogawa.co.jp/dcs/security/ysar/ysar-14-0001.pdf"
},
{
"title": "Yokogawa Multiple Product Simulator Management Process Stack Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/45632"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03050"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002535"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-68275"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002535"
},
{
"db": "NVD",
"id": "CVE-2014-0782"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-133-01"
},
{
"trust": 1.7,
"url": "http://www.yokogawa.com/dcs/security/ysar/ysar-14-0001e.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0782"
},
{
"trust": 0.8,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-070-01"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu98181377/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0782"
},
{
"trust": 0.6,
"url": "http://www.exploit-db.com/exploits/33331/"
},
{
"trust": 0.6,
"url": "https://community.rapid7.com/community/metasploit/blog/2014/05/09/r7-2013-192-disclosure-yokogawa-centum-cs-3000-vulnerabilities"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03050"
},
{
"db": "VULHUB",
"id": "VHN-68275"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002535"
},
{
"db": "NVD",
"id": "CVE-2014-0782"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-286"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03050"
},
{
"db": "VULHUB",
"id": "VHN-68275"
},
{
"db": "BID",
"id": "67324"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002535"
},
{
"db": "NVD",
"id": "CVE-2014-0782"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-286"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-16T00:00:00",
"db": "IVD",
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-05-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03050"
},
{
"date": "2014-05-16T00:00:00",
"db": "VULHUB",
"id": "VHN-68275"
},
{
"date": "2014-05-09T00:00:00",
"db": "BID",
"id": "67324"
},
{
"date": "2014-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002535"
},
{
"date": "2014-05-16T11:12:00.243000",
"db": "NVD",
"id": "CVE-2014-0782"
},
{
"date": "2014-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-286"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03050"
},
{
"date": "2014-05-19T00:00:00",
"db": "VULHUB",
"id": "VHN-68275"
},
{
"date": "2014-05-16T00:51:00",
"db": "BID",
"id": "67324"
},
{
"date": "2014-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002535"
},
{
"date": "2014-05-19T14:57:56.633000",
"db": "NVD",
"id": "CVE-2014-0782"
},
{
"date": "2014-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-286"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-286"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yokogawa Multiple Product Simulator Management Process Stack Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03050"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "fb553ac2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-286"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…