3 matches found
CVE-2022-22148
'Root Service' service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc...
Yokogawa CENTUM and Exaopc Improper Neutralization of Special Elements Used in an OS Command (CVE-2022-22148)
'Root Service' service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc...
CVE-2022-22148
CVE-2022-22148 affects Yokogawa CENTUM CS 3000 (R3.08.10–R3.09.00), CENTUM VP (R4.01.00–R4.03.00, R5.01.00–R5.04.20, R6.01.00–R6.08.00), and Exaopc (R3.72.00–R3.79.00). Root Service creates a named pipe with improper ACLs, enabling OS command injection via a local attacker to run arbitrary progra...