CVE-2014-0783

Exploit

EPSS 68.36%
Veröffentlicht 14.03.2014 10:55:05
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

Yokogawa CENTUM CS 3000 Stack-based Buffer Overflow

Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 9

NVD 12 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Yokogawa ≫ Centum Cs 3000 Version <= r3.09.50

Yokogawa ≫ Centum Cs 3000 Versionr3.01

Yokogawa ≫ Centum Cs 3000 Versionr3.02

Yokogawa ≫ Centum Cs 3000 Versionr3.03

Yokogawa ≫ Centum Cs 3000 Versionr3.04

Yokogawa ≫ Centum Cs 3000 Versionr3.05

Yokogawa ≫ Centum Cs 3000 Versionr3.06

Yokogawa ≫ Centum Cs 3000 Versionr3.07

Yokogawa ≫ Centum Cs 3000 Versionr3.08

Yokogawa ≫ Centum Cs 3000 Versionr3.08.50

Yokogawa ≫ Centum Cs 3000 Versionr3.08.70

Yokogawa ≫ Centum Cs 3000 Versionr3.09

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	68.36%	0.992

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9	10	8.5	AV:N/AC:L/Au:N/C:P/I:P/A:C
ics-cert@hq.dhs.gov	9	10	8.5	AV:N/AC:L/Au:N/C:P/I:P/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

http://ics-cert.us-cert.gov/advisories/ICSA-14-070-01

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/66130

https://community.rapid7.com/community/metasploit/blog/2014/03/10/yokogawa-centum-cs3000-vulnerabilities

Exploit

http://www.securityfocus.com/bid/66111

http://www.yokogawa.com/dcs/security/ysar/dcs-ysar-index-en.htm.

https://www.cisa.gov/news-events/ics-advisories/icsa-14-070-01a

https://nvd.nist.gov/vuln/detail/CVE-2014-0783

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-0783

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-0783

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2014-0783