8.5

CVE-2024-5650

A DLL hijacking vulnerability has been found in the CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer on which an affected product is installed, or to access a shared folder, then by replacing the DLL file with a tampered one it is possible to execute arbitrary programs with the authority of the SYSTEM account.

The affected products and versions are as follows:
CENTUM CS 3000 R3.08.10 to R3.09.50
CENTUM VP R4.01.00 to R4.03.00, R5.01.00 to R5.04.20, R6.01.00 to R6.11.10.
Data is provided by the CVE Program from Authorized Data Publishers (ADP) (unstructured)
Vendor Product Default Status Version <= Version Status
yokogawa centum_cs_3000 unknown r3.09.50 r3.08.10 affected
yokogawa centum_vp unknown f4.03.00 r4.01.00 affected
yokogawa centum_vp unknown r5.04.20 r5.01.00 affected
yokogawa centum_vp unknown r6.11.10 r6.01.00 affected
No warning was found for this CVE.
EPSS Metrics
Type Source Score Percentile
EPSS FIRST.org 0.34% 0.255
CVSS Metrics
Source Base Score Exploit Score Impact Score Vector String
7168b535-132a-4efe-a076-338f829b2eb9 8.5 1.8 6 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

https://web-material3.yokogawa.com/1/36044/files/YSAR-24-0002-E.pdf