CVE-2022-23402

The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00...

EUVD-2022-26418

Malicious code in bioql PyPI...

EUVD-2022-27872

Malicious code in bioql PyPI...

EUVD-2022-28479

Malicious code in bioql PyPI...

EUVD-2022-28480

Malicious code in bioql PyPI...

EUVD-2022-27295

Malicious code in bioql PyPI...

EUVD-2022-26969

Malicious code in bioql PyPI...

EUVD-2022-27289

Malicious code in bioql PyPI...

EUVD-2022-27292

Malicious code in bioql PyPI...

CVE-2022-21808

Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.0...

CVE-2022-23401

The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00...

CVE-2022-22151

CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly neutralize log outputs: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions fr...

CVE-2022-22145

CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to uncontrolled resource consumption. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, from R6.01.00 to R6.08.00, Exaopc versions...

CVE-2022-21194

The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00...

CVE-2022-22148

'Root Service' service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc...

CVE-2022-22729

CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets. The authentication may be bypassed via some crafted packets: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to...

CVE-2022-21177

There is a path traversal vulnerability in CAMS for HIS Log Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, andfrom R6.01.00 to R6.08.00, Exaopc versions from...

The vulnerabilities of distributed control systems such as CENTUM CS 1000, CENTUM CS 3000, CENTUM CS 3000 Entry Class, CENTUM VP, and CENTUM VP Entry Class, B/M9000CS, B/M9000 VP, and the OPC-server Exaopc are related to the unencrypted storage of account data. This allows attackers to exploit these vulnerabilities to gain increased privileges.

The vulnerabilities of distributed control systems such as CENTUM CS 1000, CENTUM CS 3000, CENTUM CS 3000 Entry Class, CENTUM VP, and CENTUM VP Entry Class, B/M9000CS, B/M9000 VP, and the OPC-server Exaopc are related to unencrypted storage of account data. Exploiting these vulnerabilities can...

多款Yokogawa产品安全漏洞

Yokogawa Electric is a server of Yokogawa Electric Yokogawa Japan. A security vulnerability exists in several Yokogawa products, which stems from an elevation of privilege vulnerability discovered in CENTUM Authentication Mode. The following products and versions are affected: CENTUM CS 1000,...

The vulnerabilities of distributed control systems such as CENTUM CS 3000, CENTUM VP, B/M9000 VP, B/M9000CS, and the OPC-server Exaopc are related to violations of secure design principles. These vulnerabilities allow attackers to access protected information or cause service failures.

The vulnerabilities of distributed control systems such as CENTUM CS 3000, CENTUM VP, B/M9000 VP, B/M9000CS, and OPC-servers from Exaopc are related to violations of secure design principles. Exploitation of these vulnerabilities can allow attackers to access protected information or cause servic...