var-201407-0492
Vulnerability from variot
Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attackers to execute arbitrary code via a crafted packet. Integrated production control system provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA The product contains a buffer overflow vulnerability. This vulnerability JVNVU#98181377 Is different. JVNVU#98181377 http://jvn.jp/vu/JVNVU98181377/index.htmlIf a specially crafted packet is processed while the extended test function is running, the process may stop. In some cases, arbitrary code may be executed with the privileges of the user running the product. Yokogawa Corporation (YOKOGAWA) is a world-renowned leader in measurement, industrial automation control, and information systems. There are buffer overflow vulnerabilities in Yokogawa's multiple products 'BKFSim_vhfd.exe'. Since the sub_403E10\" (IDA notation) function in multiple YOKOGAWA products \"BKFSim_vhfd.exe\" service is used for logging functions, the function uses user controllable data to create logs. Using similar vsprintf and memcpy functions can cause an attacker to trigger a buffer overflow, which can crash an application or execute arbitrary code in the context of an application. Multiple Yokogawa Products are prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. Yokogawa CENTUM CS, etc. are all products of Japan's Yokogawa Electric (Yokogawa) company. Yokogawa CENTUM CS and CENTUM VP are large-scale production control systems. Exaopc is an OPC data access server
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201407-0492",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "centum cs 1000 software",
"scope": "eq",
"trust": 1.6,
"vendor": "yokogawa",
"version": null
},
{
"model": "b\\/m9000cs",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp software",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": "4.03.00"
},
{
"model": "centum cs 3000 software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "2.23.00"
},
{
"model": "centum vp",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "exaopc",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": "3.71.02"
},
{
"model": "b\\/m9000 vp software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "7.03.01"
},
{
"model": "centum cs 3000 entry class software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "3.09.50"
},
{
"model": "centum cs 1000",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "b\\/m9000 vp",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "5.03.20"
},
{
"model": "centum vp entry class software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "5.03.00"
},
{
"model": "centum vp entry class",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum cs 3000 entry class",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 1.0,
"vendor": "yokogawa",
"version": null
},
{
"model": "b\\/m9000cs software",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "5.05.01"
},
{
"model": "exaopc",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "3.72.00"
},
{
"model": "b/m9000 vp",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "b/m9000 vp software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r7.03.01"
},
{
"model": "b/m9000cs",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "b/m9000cs software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r5.05.01"
},
{
"model": "centum cs 1000",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum cs 1000 software",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "none"
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "small"
},
{
"model": "centum cs 3000 entry class software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r3.09.50"
},
{
"model": "centum cs 3000 software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r3.09.50"
},
{
"model": "centum vp",
"scope": "eq",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "none"
},
{
"model": "centum vp",
"scope": "eq",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "basic"
},
{
"model": "centum vp",
"scope": "eq",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "small"
},
{
"model": "centum vp entry class software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r5.03.20"
},
{
"model": "centum vp software",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r5.03.20"
},
{
"model": "exaopc",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "72.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "exaopc",
"version": "3.71.02"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "exaopc",
"version": "*"
},
{
"model": "cs3000",
"scope": null,
"trust": 0.6,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "r3.08.70"
},
{
"model": "centum cs 3000 entry class software",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "3.09.50"
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "r3.08.50"
},
{
"model": "centum cs 3000 software",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "2.23.00"
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "r3.09"
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "r3.07"
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "r3.09.50"
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "r3.08"
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "r3.06"
}
],
"sources": [
{
"db": "IVD",
"id": "aef169b2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d758acf-463f-11e9-86c9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04231"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003164"
},
{
"db": "NVD",
"id": "CVE-2014-3888"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-258"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.72.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:exaopc:3.71.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:b\\/m9000cs_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.05.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:b\\/m9000cs:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp_entry_class_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.03.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp_entry_class:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp_software:4.03.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.03.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:b\\/m9000_vp_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.03.01",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:b\\/m9000_vp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.70:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.09.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.23.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_1000_software:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_1000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000_entry_class_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.09.50",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:yokogawa:centum_cs_3000_entry_class:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3888"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "juan vazquez",
"sources": [
{
"db": "BID",
"id": "68428"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3888",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 8.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2014-003164",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-04231",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "aef169b2-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d758acf-463f-11e9-86c9-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-71828",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-3888",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2014-003164",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2014-04231",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201407-258",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "aef169b2-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d758acf-463f-11e9-86c9-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-71828",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "aef169b2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d758acf-463f-11e9-86c9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04231"
},
{
"db": "VULHUB",
"id": "VHN-71828"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003164"
},
{
"db": "NVD",
"id": "CVE-2014-3888"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-258"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attackers to execute arbitrary code via a crafted packet. Integrated production control system provided by Yokogawa Electric Corporation CENTUM Including multiple YOKOGAWA The product contains a buffer overflow vulnerability. This vulnerability JVNVU#98181377 Is different. JVNVU#98181377 http://jvn.jp/vu/JVNVU98181377/index.htmlIf a specially crafted packet is processed while the extended test function is running, the process may stop. In some cases, arbitrary code may be executed with the privileges of the user running the product. Yokogawa Corporation (YOKOGAWA) is a world-renowned leader in measurement, industrial automation control, and information systems. There are buffer overflow vulnerabilities in Yokogawa\u0027s multiple products \u0027BKFSim_vhfd.exe\u0027. Since the sub_403E10\\\" (IDA notation) function in multiple YOKOGAWA products \\\"BKFSim_vhfd.exe\\\" service is used for logging functions, the function uses user controllable data to create logs. Using similar vsprintf and memcpy functions can cause an attacker to trigger a buffer overflow, which can crash an application or execute arbitrary code in the context of an application. Multiple Yokogawa Products are prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Failed attempts will likely cause a denial-of-service condition. Yokogawa CENTUM CS, etc. are all products of Japan\u0027s Yokogawa Electric (Yokogawa) company. Yokogawa CENTUM CS and CENTUM VP are large-scale production control systems. Exaopc is an OPC data access server",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3888"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003164"
},
{
"db": "CNVD",
"id": "CNVD-2014-04231"
},
{
"db": "BID",
"id": "68428"
},
{
"db": "IVD",
"id": "aef169b2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d758acf-463f-11e9-86c9-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-71828"
}
],
"trust": 3.06
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-71828",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71828"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3888",
"trust": 4.0
},
{
"db": "ICS CERT",
"id": "ICSA-14-189-01",
"trust": 2.5
},
{
"db": "CNNVD",
"id": "CNNVD-201407-258",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2014-04231",
"trust": 1.2
},
{
"db": "PACKETSTORM",
"id": "127382",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "34009",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "108756",
"trust": 1.1
},
{
"db": "BID",
"id": "68428",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVNVU95045914",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003164",
"trust": 0.8
},
{
"db": "IVD",
"id": "AEF169B2-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "E7929A0C-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D758ACF-463F-11E9-86C9-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-71828",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "aef169b2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d758acf-463f-11e9-86c9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04231"
},
{
"db": "VULHUB",
"id": "VHN-71828"
},
{
"db": "BID",
"id": "68428"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003164"
},
{
"db": "NVD",
"id": "CVE-2014-3888"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-258"
}
]
},
"id": "VAR-201407-0492",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "aef169b2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d758acf-463f-11e9-86c9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04231"
},
{
"db": "VULHUB",
"id": "VHN-71828"
}
],
"trust": 1.8101788266666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "IVD",
"id": "aef169b2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d758acf-463f-11e9-86c9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04231"
}
]
},
"last_update_date": "2023-12-18T12:38:13.814000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "\u6a2a\u6cb3\u96fb\u6a5f\u682a\u5f0f\u4f1a\u793e \u306e\u544a\u77e5\u30da\u30fc\u30b8",
"trust": 0.8,
"url": "http://www.yokogawa.co.jp/dcs/security/ysar/dcs-ysar-index-ja.htm"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003164"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71828"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003164"
},
{
"db": "NVD",
"id": "CVE-2014-3888"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-189-01"
},
{
"trust": 1.7,
"url": "http://www.yokogawa.com/dcs/security/ysar/ysar-14-0002e.pdf"
},
{
"trust": 1.1,
"url": "http://www.exploit-db.com/exploits/34009"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/127382/yokogawa-cs3000-bkfsim_vhfd.exe-buffer-overflow.html"
},
{
"trust": 1.1,
"url": "http://osvdb.org/show/osvdb/108756"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3888"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95045914/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3888"
},
{
"trust": 0.6,
"url": "https://community.rapid7.com/community/metasploit/blog/2014/07/07/r7-2014-06-disclosure-yokogawa-centum-cs-3000-bkfsimvhfdexe-buffer-overflow"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-04231"
},
{
"db": "VULHUB",
"id": "VHN-71828"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003164"
},
{
"db": "NVD",
"id": "CVE-2014-3888"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-258"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "aef169b2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d758acf-463f-11e9-86c9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04231"
},
{
"db": "VULHUB",
"id": "VHN-71828"
},
{
"db": "BID",
"id": "68428"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003164"
},
{
"db": "NVD",
"id": "CVE-2014-3888"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-258"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-11T00:00:00",
"db": "IVD",
"id": "aef169b2-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-07-11T00:00:00",
"db": "IVD",
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-07-11T00:00:00",
"db": "IVD",
"id": "7d758acf-463f-11e9-86c9-000c29342cb1"
},
{
"date": "2014-07-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04231"
},
{
"date": "2014-07-10T00:00:00",
"db": "VULHUB",
"id": "VHN-71828"
},
{
"date": "2014-07-07T00:00:00",
"db": "BID",
"id": "68428"
},
{
"date": "2014-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003164"
},
{
"date": "2014-07-10T11:06:28.880000",
"db": "NVD",
"id": "CVE-2014-3888"
},
{
"date": "2014-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-258"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-07-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-04231"
},
{
"date": "2015-10-08T00:00:00",
"db": "VULHUB",
"id": "VHN-71828"
},
{
"date": "2014-08-27T00:04:00",
"db": "BID",
"id": "68428"
},
{
"date": "2014-07-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003164"
},
{
"date": "2015-10-08T15:15:10.473000",
"db": "NVD",
"id": "CVE-2014-3888"
},
{
"date": "2014-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201407-258"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201407-258"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yokogawa Multiple products \u0027BKFSim_vhfd.exe\u0027 Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "aef169b2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d758acf-463f-11e9-86c9-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2014-04231"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "aef169b2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e7929a0c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d758acf-463f-11e9-86c9-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201407-258"
}
],
"trust": 1.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.