Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_YOKOGAWA_CVE-2018-16196.NASL
HistoryFeb 07, 2022 - 12:00 a.m.

Yokogawa Vnet/IP Open Communication Driver Resource Management Errors (CVE-2018-16196)

2022-02-0700:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.005 Low

EPSS

Percentile

77.3%

JSON

Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver’s communication via unspecified vectors.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(500115);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");

  script_cve_id("CVE-2018-16196");

  script_name(english:"Yokogawa Vnet/IP Open Communication Driver Resource Management Errors (CVE-2018-16196)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM
CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10),
Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 -
R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result
in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors.  

This plugin only works with
Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-19-003-02");
  script_set_attribute(attribute:"see_also", value:"https://jvn.jp/vu/JVNVU93652047/index.html");
  script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/106442");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Yokogawa recommends users of affected devices and versions update to the latest available release.

Details about the products, affected revisions, and suggested mitigations are available in the Yokogawa Security
Advisory Report YSAR-18-0008: denial of service (DoS) vulnerability in Vnet/IP Open Communication Driver.

Please see Yokogawa Security Advisory Report YSAR-18-0008 at the following location for more information:

https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf

For questions related to this report and details regarding how to update to the newest revision, please visit the
Yokogawa security website (registration required):

https://contact.yokogawa.com/cs/gw?c-id=000498");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-16196");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(20);

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/01/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:yokogawa:centum_cs_3000_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:yokogawa:centum_vp_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Yokogawa");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Yokogawa');

var asset = tenable_ot::assets::get(vendor:'Yokogawa');

var vuln_cpes = {
    "cpe:/o:yokogawa:centum_cs_3000_firmware" :
        {"versionEndIncluding" : "r3.09.50", "versionStartIncluding" : "r3.05.00", "family" : "CentumVP"},
    "cpe:/o:yokogawa:centum_vp_firmware" :
        {"versionEndIncluding" : "r6.03.10", "versionStartIncluding" : "r4.01.00", "family" : "CentumVP"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
VendorProductVersionCPE
yokogawacentum_cs_3000_firmwarecpe:/o:yokogawa:centum_cs_3000_firmware
yokogawacentum_vp_firmwarecpe:/o:yokogawa:centum_vp_firmware

Related

nessus 1
ics 1
cve 1
nvd 1
cvelist 1
prion 1
nessus
nessus
Yokogawa Centum Improper Input Validation
2019-11-08 00:00:00
ics
ics
Yokogawa Vnet/IP Open Communication Driver
2019-01-03 12:00:00
cve
cve
CVE-2018-16196
2019-01-09 23:29:04
nvd
nvd
CVE-2018-16196
2019-01-09 23:29:04
cvelist
cvelist
CVE-2018-16196
2019-01-09 22:00:00
prion
prion
Design/Logic Flaw
2019-01-09 23:29:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.005 Low

EPSS

Percentile

77.3%

JSON
Related for TENABLE_OT_YOKOGAWA_CVE-2018-16196.NASL
nessus1ics1cve1nvd1cvelist1prion1