28 matches found
EUVD-2022-31723
Malicious code in bioql PyPI...
CVE-2023-26593
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information. If an attacker who can login or access the computer where the affected product is installed tampers the password file stored in the computer, the user privilege which CENTUM manag...
CVE-2023-26593
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information. If an attacker who can login or access the computer where the affected product is installed tampers the password file stored in the computer, the user privilege which CENTUM manag...
The vulnerabilities of distributed control systems such as CENTUM CS 3000, CENTUM VP, B/M9000 VP, B/M9000CS, and the OPC-server Exaopc are related to violations of secure design principles. These vulnerabilities allow attackers to access protected information or cause service failures.
The vulnerabilities of distributed control systems such as CENTUM CS 3000, CENTUM VP, B/M9000 VP, B/M9000CS, and OPC-servers from Exaopc are related to violations of secure design principles. Exploitation of these vulnerabilities can allow attackers to access protected information or cause servic...
CVE-2022-30707
Violation of secure design principles exists in the communication of CAMS for HIS. Affected products and versions are CENTUM series where LHS4800 is installed CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00, CENTUM series where CAMS function is used CENTUM VP, CENTUM VP Small, and...
Information disclosure
Violation of secure design principles exists in the communication of CAMS for HIS. Affected products and versions are CENTUM series where LHS4800 is installed CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00, CENTUM series where CAMS function is used CENTUM VP, CENTUM VP Small, and...
CVE-2022-30707
CVE-2022-30707 affects Yokogawa CAMS for HIS across CENTUM CS 3000 (LHS4800), CENTUM VP/VP Basic (R4.01.00–R6.09.00), Exaopc (R3.72.00–R3.80.00 with NTPF100-S6), B/M9000 CS (R5.04.01–R5.05.01) and B/M9000 VP (R6.01.01–R8.03.01). Root cause: violation of secure design principles in CAMS for HIS co...
CVE-2022-27188
OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute ...
CVE-2022-27188
OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute ...
Command injection
OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute ...
Authentication flaw
Improper authentication vulnerability in the communication protocol provided by AD Automation Design server of CENTUM VP R6.01.10 to R6.09.00, CENTUM VP Small R6.01.10 to R6.09.00, CENTUM VP Basic R6.01.10 to R6.09.00, and B/M9000 VP R8.01.01 to R8.03.01 allows an attacker to use the functions...
CVE-2022-27188
CVE-2022-27188 is a local OS command injection in Yokogawa CENTUM VP family. A local attacker who can access the affected machine could modify a file generated by Graphic Builder to execute arbitrary OS commands. Affected: CENTUM VP variants R4.01.00–R4.03.00, CENTUM VP Small/BASIC (same ranges),...
CVE-2022-27188
OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute ...
CVE-2022-26034
The CVE-2022-26034 issue affects Yokogawa CENTUM VP family and B/M9000 VP (notably CENTUM VP R6.01.10–R6.09.00; B/M9000 VP R8.01.01–R8.03.01; and ProSafe-RS up to R4.07.00 if RS4E5000 is installed). The root cause is improper authentication in the AD server’s communication protocol, enabling an a...
CVE-2022-26034
Improper authentication vulnerability in the communication protocol provided by AD Automation Design server of CENTUM VP R6.01.10 to R6.09.00, CENTUM VP Small R6.01.10 to R6.09.00, CENTUM VP Basic R6.01.10 to R6.09.00, and B/M9000 VP R8.01.01 to R8.03.01 allows an attacker to use the functions...
CVE-2020-5608
CAMS for HIS CENTUM CS 3000 includes CENTUM CS 3000 Small R3.08.10 to R3.09.50, CENTUM VP includes CENTUM VP Small, Basic R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered...
CVE-2020-5609
Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 includes CENTUM CS 3000 Small R3.08.10 to R3.09.50, CENTUM VP includes CENTUM VP Small, Basic R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to crea...
Authentication flaw
CAMS for HIS CENTUM CS 3000 includes CENTUM CS 3000 Small R3.08.10 to R3.09.50, CENTUM VP includes CENTUM VP Small, Basic R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered...
Directory traversal
Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 includes CENTUM CS 3000 Small R3.08.10 to R3.09.50, CENTUM VP includes CENTUM VP Small, Basic R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to crea...
CVE-2020-5608
CVE-2020-5608 affects Yokogawa CAMS for HIS CENTUM CS 3000 (including CENTUM CS 3000 Small) R3.08.10–R3.09.50, CENTUM VP (including CENTUM VP Small/Basic) R4.01.00–R6.07.00, B/M9000CS R5.04.01–R5.05.01, and B/M9000 VP R6.01.01–R8.03.01. The vulnerability is an improper authentication (CWE-287) ri...