Description
'Long-term Data Archive Package' service implemented in the following Yokogawa Electric products creates some named pipe with imporper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf
Scores
CVSS v3
7.8
EPSS
0.0005
EPSS Percentile
15.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
CWE-732
Status
published
Products (5)
yokogawa/centum_cs_3000_entry_firmware
r3.08.10 - r3.09.00
yokogawa/centum_cs_3000_firmware
r3.08.10 - r3.09.00
yokogawa/centum_vp_entry_firmware
r4.01.00 - r4.03.00
yokogawa/centum_vp_firmware
r4.01.00 - r4.03.00
yokogawa/exaopc
r3.72.00 - r3.80.00
Published
Mar 11, 2022
Tracked Since
Feb 18, 2026