Vulnerabilities fixed in Yokogawa Centum VP, ProSafe-RS and B/M9000 VP

Yokogawa has fixed vulnerabilities in Centum VP, ProSafe-RS and B/M9000 VP. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User Rights Access t...

Yokogawa CENTUM and ProSafe-RS

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Yokogawa Equipment: CENTUM and ProSafe-RS Vulnerabilities: OS Command Injection, Improper Authentication, NULL Pointer Dereference, Improper Input Validation, Resource Management Errors 2. RISK...

Yokogawa iDefine, STARDOM, ASTPLANNER, and TriFellows Stack-Based Buffer Overflow (CVE-2018-0651)

Buffer overflow in the license management function of YOKOGAWA products iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier allows remote attackers to stop the license...

Yokogawa Vnet/IP Open Communication Driver Denial-of-Service (ICSA-19-003-02)

Binary data 720286.prm...

CVE-2019-5909

CVE-2019-5909 concerns Yokogawa License Manager Service across multiple products (CENTUM VP, CENTUM VP Entry Class, ProSafe-RS, PRM, B/M9000 VP). The vulnerability arises from improper access control that allows a remote attacker to upload arbitrary files to the PC running License Manager, enabli...

Yokogawa License Manager Service

1. EXECUTIVE SUMMARY CVSS v8.1 ATTENTION : Exploitable remotely Vendor : Yokogawa Equipment : License Manager Service Vulnerability : Unrestricted Upload of Files with Dangerous Type 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to remotely upload files,...

CVE-2018-16196

Multiple Yokogawa products that contain Vnet/IP Open Communication Driver CENTUM CS 3000R3.05.00 - R3.09.50, CENTUM CS 3000 Entry ClassR3.05.00 - R3.09.50, CENTUM VPR4.01.00 - R6.03.10, CENTUM VP Entry ClassR4.01.00 - R6.03.10, ExaopcR3.10.00 - R3.75.00, PRMR2.06.00 - R3.31.00, ProSafe-RSR1.02.00...

Design/Logic Flaw

Multiple Yokogawa products that contain Vnet/IP Open Communication Driver CENTUM CS 3000R3.05.00 - R3.09.50, CENTUM CS 3000 Entry ClassR3.05.00 - R3.09.50, CENTUM VPR4.01.00 - R6.03.10, CENTUM VP Entry ClassR4.01.00 - R6.03.10, ExaopcR3.10.00 - R3.75.00, PRMR2.06.00 - R3.31.00, ProSafe-RSR1.02.00...

CVE-2018-0651

Buffer overflow in the license management function of YOKOGAWA products iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier allows remote attackers to stop the license...

Yokogawa Multiple Products Buffer Overflow Vulnerabilities

OVERVIEW Yokogawa Electric Corporation has notified NCCIC/ICS-CERT of stack-based buffer overflow vulnerabilities in multiple Yokogawa products. Yokogawa has released product revisions that mitigate the vulnerabilities for many of the vulnerable products. These vulnerabilities could be exploited...

Yokogawa Multiple Products Vulnerabilities

OVERVIEW Yokogawa reports that several buffer overflow vulnerabilities affect several of its products. Juan Vazquez of Rapid7 Inc.,Rapid7 Inc., http://www.rapid7.com, web site last accessed May 13, 2014. and independent researcher Julian Vilas Diaz reported to CERT/CC that they identified several...