CVE-2019-5909
CRITICALYOKOGAWA CENTUM VP R5.01.00-R6.06.00, ProSafe-RS R3.01.00-R4.04.00 - Improper Authentication
Title source: llmDescription
License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03)) allows remote attackers to bypass access restriction to send malicious files to the PC where License Manager Service runs via unspecified vectors.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_misc
https://web-material3.yokogawa.com/1/20653/files/YSAR-19-0001-E.pdf
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106772
Third Party Advisory x_refsource_misc
http://jvn.jp/vu/JVNVU99147082/index.html
Scores
CVSS v3
9.8
EPSS
0.0541
EPSS Percentile
91.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
Status
published
Products (4)
yokogawa/b\/m_9000_vp
r7.01.01 - r8.02.03
yokogawa/centum_vp
r5.01.00 - r6.06.00 (3 CPE variants)
yokogawa/prm
r4.01.00 - r4.02.00
yokogawa/prosafe-rs
r3.01.00 - r4.04.00
Published
Feb 13, 2019
Tracked Since
Feb 18, 2026