CVE-2018-16196

HIGH

Yokogawa Centum CS 3000 Firmware - Improper Input Validation

Title source: rule
STIX 2.1

Description

Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/106442
Third Party Advisory, VDB Entry x_refsource_misc
https://jvn.jp/vu/JVNVU93652047/index.html

Scores

CVSS v3 7.5
EPSS 0.0334
EPSS Percentile 87.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (9)
yokogawa/b\/m9000_vp r6.03.01 - r8.01.90
yokogawa/centum_cs_3000_entry_class r3.05.00 - r3.09.50
yokogawa/centum_cs_3000_firmware r3.05.00 - r3.09.50
yokogawa/centum_vp_entry_class r4.01.00 - r6.03.10
yokogawa/centum_vp_firmware r4.01.00 - r6.03.10
yokogawa/exaopc r3.10.00 - r3.75.00
yokogawa/fast\/tools r9.02.00 - r10.02.00
yokogawa/plant_resource_manager r2.06.00 - r3.31.00
yokogawa/prosafe-rs r1.02.00 - r4.02.00
Published Jan 09, 2019
Tracked Since Feb 18, 2026