7.5
CVE-2018-16196
- EPSS 2.31%
- Published 09.01.2019 23:29:04
- Last modified 21.11.2024 03:52:16
- Source vultures@jpcert.or.jp
- Teams watchlist Login
- Open Login
Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors.
Data is provided by the National Vulnerability Database (NVD)
Yokogawa ≫ Centum Cs 3000 Firmware Version >= r3.05.00 <= r3.09.50
Yokogawa ≫ Centum Cs 3000 Entry Class Version >= r3.05.00 <= r3.09.50
Yokogawa ≫ Centum Vp Firmware Version >= r4.01.00 <= r6.03.10
Yokogawa ≫ Centum Vp Entry Class Version >= r4.01.00 <= r6.03.10
Yokogawa ≫ B/m9000 Vp Version >= r6.03.01 <= r8.01.90
Yokogawa ≫ Fast/tools Version >= r9.02.00 <= r10.02.00
Yokogawa ≫ Plant Resource Manager Version >= r2.06.00 <= r3.31.00
Yokogawa ≫ Prosafe-rs Version >= r1.02.00 <= r4.02.00
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.31% | 0.833 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.