8.5
CVE-2024-5650
- EPSS 0.13%
- Published 17.06.2024 07:15:41
- Last modified 21.11.2024 09:48:05
- Source 7168b535-132a-4efe-a076-338f82
- Teams watchlist Login
- Open Login
DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to execute arbitrary programs with the authority of the SYSTEM account. The affected products and versions are as follows: CENTUM CS 3000 R3.08.10 to R3.09.50 CENTUM VP R4.01.00 to R4.03.00, R5.01.00 to R5.04.20, R6.01.00 to R6.11.10.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Vendoryokogawa
≫
Product
centum_cs_3000
Default Statusunknown
Version <=
r3.09.50
Version
r3.08.10
Status
affected
Vendoryokogawa
≫
Product
centum_vp
Default Statusunknown
Version <=
f4.03.00
Version
r4.01.00
Status
affected
Vendoryokogawa
≫
Product
centum_vp
Default Statusunknown
Version <=
r5.04.20
Version
r5.01.00
Status
affected
Vendoryokogawa
≫
Product
centum_vp
Default Statusunknown
Version <=
r6.11.10
Version
r6.01.00
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.33 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| 7168b535-132a-4efe-a076-338f829b2eb9 | 8.5 | 1.8 | 6 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.