CAMS for HIS Server, as shipped in the following Yokogawa Electric products, improperly authenticates received packets, so authentication may be bypassed via crafted packets (CVE-2022-22729): CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions from R3.72.00 to R3.79.00. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
{"id": "TENABLE_OT_YOKOGAWA_CVE-2022-22729.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Yokogawa (CVE-2022-22729)", "description": "CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets.\nThe authentication may be bypassed via some crafted packets: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions from R3.72.00 to R3.79.00. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.\n\n - CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets. The authentication may be bypassed via some crafted packets: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions from R3.72.00 to R3.79.00. (CVE-2022-22729)", "published": "2022-03-18T00:00:00", "modified": "2022-03-22T00:00:00", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/ot/500610", "reporter": "This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22729", "https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf"], "cvelist": ["CVE-2022-22729"], "immutableFields": [], "lastseen": "2022-06-15T16:58:02", "viewCount": 13, "enchantments": {"vulnersScore": "PENDING"}, "_state": {}, "_internal": {}, "pluginID": "500610", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(500610);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/22\");\n\n script_cve_id(\"CVE-2022-22729\");\n\n script_name(english:\"Yokogawa (CVE-2022-22729)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote OT asset is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets.\nThe authentication may be bypassed via some crafted packets: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM\nVP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions\nfrom R3.72.00 to R3.79.00. This plugin only works with Tenable.ot. Please visit\nhttps://www.tenable.com/products/tenable-ot for more information.\n\n - CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the\n receiving packets. The authentication may be bypassed via some crafted packets: CENTUM CS 3000 versions\n from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and\n from R6.01.00 to R6.08.00, and Exaopc versions from R3.72.00 to R3.79.00. 
(CVE-2022-22729)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Refer to the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-22729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(287);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:yokogawa:centum_cs_3000_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:yokogawa:centum_cs_3000_entry_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:yokogawa:centum_vp_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:yokogawa:centum_vp_entry_firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Tenable.ot\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"tenable_ot_api_integration.nasl\");\n script_require_keys(\"Tenable.ot/Yokogawa\");\n\n exit(0);\n}\n\n\ninclude('tenable_ot_cve_funcs.inc');\n\nget_kb_item_or_exit('Tenable.ot/Yokogawa');\n\nvar asset = tenable_ot::assets::get(vendor:'Yokogawa');\n\nvar vuln_cpes = {\n \"cpe:/o:yokogawa:centum_cs_3000_firmware\" :\n {\"versionEndIncluding\" : \"r3.09.00\", \"versionStartIncluding\" : \"r3.08.10\"},\n \"cpe:/o:yokogawa:centum_cs_3000_entry_firmware\" :\n {\"versionEndIncluding\" : \"r3.09.00\", \"versionStartIncluding\" : \"r3.08.10\"},\n \"cpe:/o:yokogawa:centum_vp_firmware\" :\n {\"versionEndIncluding\" : \"r5.04.20\", \"versionEndExcluding\" : \"r6.09.00\", \"versionStartIncluding\" : \"r6.01.00\"},\n \"cpe:/o:yokogawa:centum_vp_entry_firmware\" :\n {\"versionEndIncluding\" : \"r5.04.20\", \"versionEndExcluding\" : \"r6.09.00\", \"versionStartIncluding\" : \"r6.01.00\"}\n};\n\ntenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);\n", "naslFamily": "Tenable.ot", "cpe": ["cpe:/o:yokogawa:centum_cs_3000_firmware", "cpe:/o:yokogawa:centum_cs_3000_entry_firmware", "cpe:/o:yokogawa:centum_vp_firmware", "cpe:/o:yokogawa:centum_vp_entry_firmware"], "solution": "Refer to the vendor advisory.", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2022-22729", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2022-03-11T00:00:00", "vulnerabilityPublicationDate": "2022-03-11T00:00:00", "exploitableWith": []}
{"cve": [{"lastseen": "2022-03-22T21:42:44", "description": "CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets. The authentication may be bypassed via some crafted packets: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions from R3.72.00 to R3.79.00.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-11T09:15:00", "type": "cve", "title": "CVE-2022-22729", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-22729"], "modified": "2022-03-18T14:45:00", "cpe": ["cpe:/o:yokogawa:centum_cs_3000_entry_firmware:r3.09.00", "cpe:/o:yokogawa:centum_vp_entry_firmware:r5.04.20", "cpe:/o:yokogawa:centum_vp_firmware:r5.04.20", "cpe:/o:yokogawa:centum_cs_3000_firmware:r3.09.00", "cpe:/o:yokogawa:centum_vp_entry_firmware:r4.03.00", "cpe:/o:yokogawa:centum_vp_firmware:r4.03.00"], "id": "CVE-2022-22729", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22729", "cvss": {"score": 6.0, 
"vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:yokogawa:centum_vp_entry_firmware:r5.04.20:*:*:*:*:*:*:*", "cpe:2.3:o:yokogawa:centum_cs_3000_firmware:r3.09.00:*:*:*:*:*:*:*", "cpe:2.3:o:yokogawa:centum_vp_firmware:r4.03.00:*:*:*:*:*:*:*", "cpe:2.3:o:yokogawa:centum_cs_3000_entry_firmware:r3.09.00:*:*:*:*:*:*:*", "cpe:2.3:o:yokogawa:centum_vp_entry_firmware:r4.03.00:*:*:*:*:*:*:*", "cpe:2.3:o:yokogawa:centum_vp_firmware:r5.04.20:*:*:*:*:*:*:*"]}], "ics": [{"lastseen": "2022-04-26T21:35:33", "description": "## 1\\. EXECUTIVE SUMMARY\n\n * **CVSS v3 8.6**\n * **ATTENTION:** Exploitable remotely/low skill level to exploit\n * **Vendor:** Yokogawa\n * **Equipment: **CENTUM and Exaopc\n * **Vulnerabilities: **Use of Hard-coded Credentials, Relative Path Traversal, Improper Output Neutralization for Logs, OS Command Injection, Permissions, Privileges, and Access Controls, Uncontrolled Search Path Element\n\n## 2\\. RISK EVALUATION\n\nSuccessful exploitation of these vulnerabilities in CAMS server functions can be abused to suppress alarms, read or write files, crash the server, or execute arbitrary code.\n\n## 3\\. TECHNICAL DETAILS\n\n### 3.1 AFFECTED PRODUCTS\n\nYokogawa reports these vulnerabilities affect the following distributed control system and software products: \n\n * CENTUM CS 3000 (Including CENTUM CS 3000 Entry Class): R3.08.10 - R3.09.00\n * CENTUM VP (Including CENTUM VP Entry Class): \n * R4.01.00 - R4.03.00\n * R5.01.00 - R5.04.20\n * R6.01.00 - R6.08.00\n * Exaopc: (R3.72.00 - R3.79.00)\n\nYokogawa reports the following products are not directly affected by the vulnerabilities, but may be indirectly affected by the existence of CENTUM installed on the same PC:\n\n * B/M9000CS: (R5.04.01 - R5.05.01)\n * B/M9000 VP: (R6.01.01 - R8.03.01)\n\nUsage of the CAMS function may determine whether an installation is affected. 
Please see Yokogawa\u2019s full report ([YSAR-22-0001](<https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf>)) for details.\n\n### 3.2 VULNERABILITY OVERVIEW\n\n#### 3.2.1 [USE OF HARD-CODED CREDENTIALS CWE-798](<https://cwe.mitre.org/data/definitions/798.html>)\n\nIf the password for the OS account created when installing the product has not been changed from the default password and the hard-coded credentials (default password) for the account are used, an attacker could access files and shared memory in the system. The product is not affected by this vulnerability if the default password has been properly changed after installation.\n\n[CVE-2022-21194](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21194>) has been assigned to this vulnerability. A CVSS v3 base score of 7.1 has been calculated; the CVSS vector string is ([AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H>)).\n\n#### 3.2.2 [USE OF HARD-CODED CREDENTIALS CWE-798](<https://cwe.mitre.org/data/definitions/798.html>)\n\nIf the hard-coded credentials for CAMS server application are used to send a malformed packet to CAMS server, all functions of CAMS server can be abused, including suppressing alarms.\n\n[CVE-2022-23402](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23402>) has been assigned to this vulnerability. 
A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is ([AV:A/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:H>)).\n\n#### 3.2.3 [RELATIVE PATH TRAVERSAL CWE-23](<https://cwe.mitre.org/data/definitions/23.html>)\n\nA malformed packet sent to a CAMS for HIS server may allow an attacker to achieve relative path traversal and then read and write files or execute commands.\n\n[CVE-2022-21808](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21808>) and [CVE-2022-22729](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22729>) have been assigned to these vulnerabilities. A CVSS v3 base score of 7.1 has been calculated; the CVSS vector string is ([AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.4 [IMPROPER OUTPUT NEUTRALIZATION FOR LOGS CWE-117](<https://cwe.mitre.org/data/definitions/117.html>)\n\nA malformed packet sent to a CAMS for HIS server may exploit an output neutralization vulnerability, allowing an attacker to crash the server or manipulate log files.\n\n[CVE-2022-22151](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22151>), [CVE-2022-21177](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21177>). and [CVE-2022-22145](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22145>) have been assigned to these vulnerabilities. 
A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is ([AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H>)).\n\n#### 3.2.5 [OS COMMAND INJECTION CWE-78](<https://cwe.mitre.org/data/definitions/78.html>)\n\nA local attacker may be able to utilize a named pipe with inappropriate access privileges to execute arbitrary programs.\n\n[CVE-2022-22148](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22148>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H>)).\n\n#### 3.2.6 [PERMISSIONS, PRIVILEGES, AND ACCESS CONTROLS CWE-264](<https://cwe.mitre.org/data/definitions/264.html>)\n\nA local attacker may be able to utilize a named pipe with inappropriate access privileges to delete arbitrary files.\n\n[CVE-2022-22141](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22141>) has been assigned to this vulnerability. A CVSS v3 base score of 6.6 has been calculated; the CVSS vector string is ([AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H>)).\n\n#### 3.2.7 [UNCONTROLLED SEARCH PATH ELEMENT CWE-427](<https://cwe.mitre.org/data/definitions/427.html>)\n\nCENTUM and Exaopc have a DLL injection vulnerability and a DLL planting vulnerability using the DLL search order vulnerability. See [this link](<https://msrc-blog.microsoft.com/2018/04/10/triaging-a-dll-planting-vulnerability-2/>) for further details on this exploit type.\n\n[CVE-2022-23401](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23401>) has been assigned to this vulnerability. 
A CVSS v3 base score of 8.3 has been calculated; the CVSS vector string is ([AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H>)).\n\n### 3.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS:** Critical Manufacturing, Energy, Food and Agriculture\n * **COUNTRIES/AREAS DEPLOYED: **Worldwide\n * **COMPANY HEADQUARTERS LOCATION: **Japan\n\n### 3.4 RESEARCHER\n\nJacob Baines from Dragos reported these vulnerabilities to Yokogawa.\n\n## 4\\. MITIGATIONS\n\nYokogawa recommends updating the following products:\n\n * CENTUM VP: update to R6.09.00 or later\n * Exaopc: update to R3.80.00 or later\n * CENTUM CS 3000: consider system upgrade to the latest revision of CENTUM VP\n\nThe method of obtaining and updating patch software depends on the support contract of each installation. Users who do not know how to obtain the update and install it should contact their service/sales person.\n\nPlease see Yokogawa\u2019s full report ([YSAR-22-0001](<https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf>)) for update details.\n\nFor questions related to this report, please contact [Yokogawa security](<https://contact.yokogawa.com/cs/gw?c-id=000498>). \n\nYokogawa also recommends the following countermeasures:\n\n * Follow the installation instructions for each product and change the password of the OS account created when installing the product to an appropriate one.\n * The initial password is set by default for the predefined user accounts in CENTUM VP and Exaopc. Be sure to change the initial password.\n * When changing the password, ensure that the same password is set in the entire system.\n * For more information about lists of the predefined user accounts in CENTUM VP and how to change the password for a user account, refer to: \"CENTUM VP Security Guide\"\n\nYokogawa strongly recommends users establish and maintain a full security program. 
Security program components include patch updates, anti-virus, backup and recovery, zoning, hardening, whitelisting, firewalls, etc. \n\nYokogawa can assist in setting up and running security programs. For considering the most effective risk mitigation plan, as a starting point, Yokogawa can perform a security risk assessment.\n\nFor questions related to this report, please [contact Yokogawa](<https://contact.yokogawa.com/cs/gw?c-id=000498>).\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. \n \nCISA also provides a section for [control systems security recommended practices](<https://www.cisa.gov/uscert/ics/recommended-practices>) on the ICS webpage on [cisa.gov](<https://www.cisa.gov/uscert/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on cisa.gov](<https://www.cisa.gov/uscert/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B>). \n \nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploits specifically target these vulnerabilities. 
\n\n## \nContact Information\n\nFor any questions related to this report, please contact the CISA at: \n \nEmail: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics \nor incident reporting: https://us-cert.cisa.gov/report\n\nCISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/icsa-22-083-01>); we'd welcome your feedback.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-24T00:00:00", "type": "ics", "title": "Yokogawa CENTUM and Exaopc", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21177", "CVE-2022-21194", "CVE-2022-21808", "CVE-2022-22141", 
"CVE-2022-22145", "CVE-2022-22148", "CVE-2022-22151", "CVE-2022-22729", "CVE-2022-23401", "CVE-2022-23402"], "modified": "2022-03-24T00:00:00", "id": "ICSA-22-083-01", "href": "https://www.us-cert.gov/ics/advisories/icsa-22-083-01", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}