Exaopc@* Security Vulnerabilities and Issues — Exaopc@* CVE List

Lucene search

YokogawaExaopc*

21 matches found

CVE•added 2022/03/11 9:15 a.m.•101 views

CVE-2022-22729

CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets. The authentication may be bypassed via some crafted packets: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5....

8.8CVSS8.7AI score0.00143EPSS

CVE•added 2022/03/11 9:15 a.m.•93 views

CVE-2022-21194

The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.

9.8CVSS9.4AI score0.00408EPSS

CVE•added 2022/03/11 9:15 a.m.•92 views

CVE-2022-22141

'Long-term Data Archive Package' service implemented in the following Yokogawa Electric products creates some named pipe with imporper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to ...

7.8CVSS7.5AI score0.00049EPSS

CVE•added 2022/03/11 9:15 a.m.•91 views

CVE-2022-22145

CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to uncontrolled resource consumption. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, from R6.01.00 to R6.08.00, Exaopc versions fr...

8.1CVSS8AI score0.0035EPSS

CVE•added 2022/03/11 9:15 a.m.•87 views

CVE-2022-23401

The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.

7.8CVSS7.5AI score0.00061EPSS

CVE•added 2022/03/11 9:15 a.m.•82 views

CVE-2022-21177

There is a path traversal vulnerability in CAMS for HIS Log Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, andfrom R6.01.00 to R6.08.00, Exaopc versions from R3...

8.1CVSS7.9AI score0.00464EPSS

CVE•added 2022/03/11 9:15 a.m.•80 views

CVE-2022-22151

CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly neutralize log outputs: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions from...

8.1CVSS8AI score0.0035EPSS

CVE•added 2022/03/11 9:15 a.m.•79 views

CVE-2022-22148

'Root Service' service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc v...

7.8CVSS7.5AI score0.00038EPSS

CVE•added 2022/03/11 9:15 a.m.•69 views

CVE-2022-21808

Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 ...

8.8CVSS8.6AI score0.00743EPSS

CVE•added 2014/05/16 11:12 a.m.•65 views

CVE-2014-0782

Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier, a...

8.3CVSS8AI score0.19054EPSS

CVE•added 2022/06/28 1:15 p.m.•60 views

CVE-2022-30707

Violation of secure design principles exists in the communication of CAMS for HIS. Affected products and versions are CENTUM series where LHS4800 is installed (CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00), CENTUM series where CAMS function is used (CENTUM VP, CENTUM VP Small, and C...

8.8CVSS8.5AI score0.00359EPSS

CVE•added 2020/02/05 7:15 p.m.•59 views

CVE-2015-5626

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum...

10CVSS9.2AI score0.01019EPSS

CVE•added 2020/02/05 7:15 p.m.•59 views

CVE-2015-5627

10CVSS9.2AI score0.01019EPSS

CVE•added 2020/02/05 7:15 p.m.•54 views

CVE-2015-5628

10CVSS9.7AI score0.05752EPSS

CVE•added 2022/03/11 9:15 a.m.•54 views

CVE-2022-23402

The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00

9.8CVSS9.5AI score0.00408EPSS

CVE•added 2014/07/10 11:6 a.m.•47 views

CVE-2014-3888

Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attacker...

8.3CVSS8.1AI score0.2899EPSS

CVE•added 2019/01/09 11:29 p.m.•45 views

CVE-2018-16196

Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe...

7.5CVSS7.3AI score0.02309EPSS

CVE•added 2019/12/26 4:15 p.m.•45 views

CVE-2019-6008

An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00), Exaplog (R1.10.00 ? R3.40.00), Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00), Exaquantum/Batch (R1.01.00 ? R2.50.40), Exasmoc (all revisions), Exarqe (all revisions), GA10 (R1.01.01 ? R3.0...

7.8CVSS7.9AI score0.00381EPSS

CVE•added 2014/12/22 5:59 p.m.•44 views

CVE-2014-5208

BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authentication, which allows remote attackers to read arbitrary files via a RETR operation, write to arbi...

7.5CVSS6.3AI score0.08455EPSS

CVE•added 2018/04/17 9:29 p.m.•42 views

CVE-2018-8838

A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exao...

6.5CVSS6.3AI score0.00063EPSS

CVE•added 2023/04/11 9:15 a.m.•39 views

CVE-2023-26593

CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information. If an attacker who can login or access the computer where the affected product is installed tampers the password file stored in the computer, the user privilege which CENTUM managed...

7.8CVSS7.8AI score0.00035EPSS