CVE-2018-16196
HIGHYokogawa Centum CS 3000 Firmware - Improper Input Validation
Title source: ruleDescription
Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106442
Third Party Advisory, VDB Entry x_refsource_misc
https://jvn.jp/vu/JVNVU93652047/index.html
Vendor Advisory x_refsource_misc
https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf
Scores
CVSS v3
7.5
EPSS
0.0334
EPSS Percentile
87.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (9)
yokogawa/b\/m9000_vp
r6.03.01 - r8.01.90
yokogawa/centum_cs_3000_entry_class
r3.05.00 - r3.09.50
yokogawa/centum_cs_3000_firmware
r3.05.00 - r3.09.50
yokogawa/centum_vp_entry_class
r4.01.00 - r6.03.10
yokogawa/centum_vp_firmware
r4.01.00 - r6.03.10
yokogawa/exaopc
r3.10.00 - r3.75.00
yokogawa/fast\/tools
r9.02.00 - r10.02.00
yokogawa/plant_resource_manager
r2.06.00 - r3.31.00
yokogawa/prosafe-rs
r1.02.00 - r4.02.00
Published
Jan 09, 2019
Tracked Since
Feb 18, 2026