PT-2018-2657 · Yokogawa · Fast/Tools+8

Published

2018-12-21

·

Updated

2019-02-14

·

CVE-2018-16196

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Yokogawa CENTUM CS 3000 versions R3.05.00 through R3.09.50 Yokogawa CENTUM CS 3000 Entry Class versions R3.05.00 through R3.09.50 Yokogawa CENTUM VP versions R4.01.00 through R6.03.10 Yokogawa CENTUM VP Entry Class versions R4.01.00 through R6.03.10 Yokogawa Exaopc versions R3.10.00 through R3.75.00 Yokogawa PRM versions R2.06.00 through R3.31.00 Yokogawa ProSafe-RS versions R1.02.00 through R4.02.00 Yokogawa FAST/TOOLS versions R9.02.00 through R10.02.00 Yokogawa B/M9000 VP versions R6.03.01 through R8.01.90
Description The issue is related to errors in resource management in the Vnet/IP Open Communication Driver, which can be exploited by a remote attacker to cause a denial of service attack. This may result in stopping the Vnet/IP Open Communication Driver's communication. The attack is conducted via unspecified vectors.
Recommendations For Yokogawa CENTUM CS 3000 versions R3.05.00 through R3.09.50, update to a version outside of this range to mitigate the risk. For Yokogawa CENTUM CS 3000 Entry Class versions R3.05.00 through R3.09.50, update to a version outside of this range to mitigate the risk. For Yokogawa CENTUM VP versions R4.01.00 through R6.03.10, update to a version outside of this range to mitigate the risk. For Yokogawa CENTUM VP Entry Class versions R4.01.00 through R6.03.10, update to a version outside of this range to mitigate the risk. For Yokogawa Exaopc versions R3.10.00 through R3.75.00, update to a version outside of this range to mitigate the risk. For Yokogawa PRM versions R2.06.00 through R3.31.00, update to a version outside of this range to mitigate the risk. For Yokogawa ProSafe-RS versions R1.02.00 through R4.02.00, update to a version outside of this range to mitigate the risk. For Yokogawa FAST/TOOLS versions R9.02.00 through R10.02.00, update to a version outside of this range to mitigate the risk. For Yokogawa B/M9000 VP versions R6.03.01 through R8.01.90, update to a version outside of this range to mitigate the risk.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-399CWE-20

Related Identifiers

BDU:2019-01288
CVE-2018-16196

Affected Products

B/M9000 Vp
Centum Cs 3000
Centum Cs 3000 Entry Class
Centum Vp
Centum Vp Entry Class
Exaopc
Fast/Tools
Prm
Prosafe-Rs