PT-2018-1511 · Yokogawa · Idefine For Prosafe-Rs+4

Published: 2018-08-22 · Updated: 2019-02-11 · CVE-2018-0651

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

YOKOGAWA iDefine for ProSafe-RS versions 1.16.3 and earlier
YOKOGAWA STARDOM VDS versions 7.50 and earlier
YOKOGAWA STARDOM FCN/FCJ Simulator versions 4.20 and earlier
YOKOGAWA ASTPLANNER versions 15.01 and earlier
YOKOGAWA TriFellows versions 5.04 and earlier

Description

The issue is caused by a buffer overflow in the license management function, which allows remote attackers to stop the license management function or execute an arbitrary program. The overflow is triggered by sending specially crafted data to the license management function.

Recommendations

For YOKOGAWA iDefine for ProSafe-RS versions 1.16.3 and earlier, consider disabling the license management function until a patch is available.
For YOKOGAWA STARDOM VDS versions 7.50 and earlier, restrict access to the license management module to minimize the risk of exploitation.
For YOKOGAWA STARDOM FCN/FCJ Simulator versions 4.20 and earlier, avoid using the license management function until the issue is resolved.
For YOKOGAWA ASTPLANNER versions 15.01 and earlier, consider implementing additional security measures to prevent remote exploitation of the buffer overflow.
For YOKOGAWA TriFellows versions 5.04 and earlier, temporarily disable the license management function to prevent potential attacks.

Fix

Stack Overflow

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2018-01062
CVE-2018-0651

Affected Products

Astplanner
Stardom Fcn/Fcj Simulator
Stardom Vds
Trifellows
Idefine For Prosafe-Rs