Lucene search

CVE-2022-30707

🗓️ 28 Jun 2022 13:12:15Reported by jpcertType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 56 Views

Violation of secure design principles in CAMS for HIS communication in CENTUM series, CENTUM VP, CENTUM VP Small, CENTUM VP Basic, Exaopc, B/M9000 CS, and B/M9000 VP can lead to adjacent attacker compromising and accessing data

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
Prion	Information disclosure	28 Jun 202213:15	–	prion
Cvelist	CVE-2022-30707	28 Jun 202210:05	–	cvelist
Tenable Nessus	Yokogawa CAMS for HIS Violation of Secure Design Principles (CVE-2022-30707)	15 Jul 202200:00	–	nessus
ICS	Yokogawa CAMS for HIS	23 Jun 202200:00	–	ics
NVD	CVE-2022-30707	28 Jun 202213:15	–	nvd

Nvd

Node

yokogawa centum_cs_3000_firmwareRanger3.08.10–r3.09.00

AND

yokogawa centum_cs_3000Match-

Node

yokogawa centum_cs_3000_entry_class_firmwareRanger3.08.10–r3.09.00

AND

yokogawa centum_cs_3000_entry_classMatch-

Node

yokogawa centum_vp_firmwareRanger4.01.00–r4.03.00

yokogawa centum_vp_firmwareRanger5.01.00–r5.04.20

yokogawa centum_vp_firmwareRanger6.01.00–r6.09.00

AND

yokogawa centum_vpMatch-

Node

yokogawa centum_vp_entry_class_firmwareRanger4.01.00–r4.03.00

yokogawa centum_vp_entry_class_firmwareRanger5.01.00–r5.04.20

yokogawa centum_vp_entry_class_firmwareRanger6.01.00–r6.09.00

AND

yokogawa centum_vp_entry_classMatch-

Node

yokogawa exaopcRanger3.72.00–r3.80.00

Node

yokogawa b/m9000_vpRanger6.01.01–r8.03.01

yokogawa b/m9000csRanger5.04.01–r5.05.01

[
  {
    "product": "CAMS for HIS",
    "vendor": "Yokogawa Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "CENTUM series where LHS4800 is installed (CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00), CENTUM series where CAMS function is used (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R4.01.00 to R4.03.00), CENTUM series regardless of the use of CAMS function (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R5.01.00 to R5.04.20 and R6.01.00 to R6.09.00), Exaopc R3.72.00 to R3.80.00 (only if NTPF100-S6 'For CENTUM VP Support CAMS for HIS' is installed), B/M9000 CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01"
      }
    ]
  }
]

Source	Link
jvn	www.jvn.jp/vu/JVNVU92819891/index.html
cisa	www.cisa.gov/uscert/ics/advisories/icsa-22-174-02
web-material3	www.web-material3.yokogawa.com/1/32780/files/YSAR-22-0006-E.pdf
web-material3	www.web-material3.yokogawa.com/19/32780/files/YSAR-22-0006-J.pdf

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Jun 2022 13:15Current

8.5High risk

Vulners AI Score8.5

CVSS25.4

CVSS38.8

EPSS0.00169