CVE-2022-23402

🗓️ 11 Mar 2022 09:10:53Reported by jpcertType

The Yokogawa Electric products hard-code the password for CAMS server application

Reporter	Title	Published	Views	Family All 13
ATTACKERKB	CVE-2022-23402	11 Mar 202209:15	–	attackerkb
BDU FSTEC	The vulnerability of the centralized system for managing emergency messages and events in CAMS, compared to distributed systems like CENTUM, allows a intruder to cause system failures, including the suppression of emergency signals.	7 Feb 202200:00	–	bdu_fstec
Circl	CVE-2022-23402	11 Mar 202212:14	–	circl
CNNVD	Yokogawa Electric 信任管理问题漏洞	11 Mar 202200:00	–	cnnvd
CVE	CVE-2022-23402	11 Mar 202209:10	–	cve
EUVD	EUVD-2022-28480	3 Oct 202520:07	–	euvd
ICS	Yokogawa CENTUM and Exaopc	24 Mar 202200:00	–	ics
NCSC	Vulnerabilities fixed in Yokogawa CENTUM VP	14 Mar 202200:00	–	ncsc
NVD	CVE-2022-23402	11 Mar 202209:15	–	nvd
OSV	CVE-2022-23402	11 Mar 202209:15	–	osv

[
  {
    "product": "CENTUM VP",
    "vendor": "Yokogawa Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "versions from R5.01.00 to R5.04.20"
      },
      {
        "status": "affected",
        "version": "versions from R6.01.00 to R6.08.00"
      }
    ]
  },
  {
    "product": "Exaopc",
    "vendor": "Yokogawa Electric Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "versions from R3.72.00 to R3.79.00"
      }
    ]
  }
]

Source	Link
web-material3	www.web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf

11 Mar 2022 09:10Current

9.8High risk

Vulners AI Score9.8

EPSS0.00408

CWE-798