EUVD-2020-26769

Malware in sbrugna...

EUVD-2022-31723

Malicious code in bioql PyPI...

CVE-2020-5608

CAMS for HIS CENTUM CS 3000 includes CENTUM CS 3000 Small R3.08.10 to R3.09.50, CENTUM VP includes CENTUM VP Small, Basic R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered...

CVE-2023-26593

CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information. If an attacker who can login or access the computer where the affected product is installed tampers the password file stored in the computer, the user privilege which CENTUM manag...

CVE-2023-26593

CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information. If an attacker who can login or access the computer where the affected product is installed tampers the password file stored in the computer, the user privilege which CENTUM manag...

CVE-2022-30707

Violation of secure design principles exists in the communication of CAMS for HIS. Affected products and versions are CENTUM series where LHS4800 is installed CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00, CENTUM series where CAMS function is used CENTUM VP, CENTUM VP Small, and...

Information disclosure

Violation of secure design principles exists in the communication of CAMS for HIS. Affected products and versions are CENTUM series where LHS4800 is installed CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00, CENTUM series where CAMS function is used CENTUM VP, CENTUM VP Small, and...

CVE-2022-30707

CVE-2022-30707 affects Yokogawa CAMS for HIS across CENTUM CS 3000 (LHS4800), CENTUM VP/VP Basic (R4.01.00–R6.09.00), Exaopc (R3.72.00–R3.80.00 with NTPF100-S6), B/M9000 CS (R5.04.01–R5.05.01) and B/M9000 VP (R6.01.01–R8.03.01). Root cause: violation of secure design principles in CAMS for HIS co...

CVE-2022-27188

OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute ...

CVE-2022-27188

OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute ...

Command injection

OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute ...

Authentication flaw

Improper authentication vulnerability in the communication protocol provided by AD Automation Design server of CENTUM VP R6.01.10 to R6.09.00, CENTUM VP Small R6.01.10 to R6.09.00, CENTUM VP Basic R6.01.10 to R6.09.00, and B/M9000 VP R8.01.01 to R8.03.01 allows an attacker to use the functions...

CVE-2022-27188

CVE-2022-27188 is a local OS command injection in Yokogawa CENTUM VP family. A local attacker who can access the affected machine could modify a file generated by Graphic Builder to execute arbitrary OS commands. Affected: CENTUM VP variants R4.01.00–R4.03.00, CENTUM VP Small/BASIC (same ranges),...

CVE-2022-27188

OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute ...

CVE-2022-26034

The CVE-2022-26034 issue affects Yokogawa CENTUM VP family and B/M9000 VP (notably CENTUM VP R6.01.10–R6.09.00; B/M9000 VP R8.01.01–R8.03.01; and ProSafe-RS up to R4.07.00 if RS4E5000 is installed). The root cause is improper authentication in the AD server’s communication protocol, enabling an a...

CVE-2022-26034

Improper authentication vulnerability in the communication protocol provided by AD Automation Design server of CENTUM VP R6.01.10 to R6.09.00, CENTUM VP Small R6.01.10 to R6.09.00, CENTUM VP Basic R6.01.10 to R6.09.00, and B/M9000 VP R8.01.01 to R8.03.01 allows an attacker to use the functions...

Yokogawa CENTUM, Exaopc and B/M9000 Stack-based Buffer Overflow (CVE-2014-3888)

Stack-based buffer overflow in BKFSimvhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attacke...

Yokogawa CENTUM, Exaopc and B/M9000 Stack-based Buffer Overflow (CVE-2014-0782)

Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier,...

CVE-2020-5609

Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 includes CENTUM CS 3000 Small R3.08.10 to R3.09.50, CENTUM VP includes CENTUM VP Small, Basic R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to crea...

CVE-2020-5608

CAMS for HIS CENTUM CS 3000 includes CENTUM CS 3000 Small R3.08.10 to R3.09.50, CENTUM VP includes CENTUM VP Small, Basic R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered...