Yokogawa Centum_vp_entry_firmware
13 CVEs affecting Yokogawa Centum_vp_entry_firmware. Latest disclosed: 2022-03-11. Critical: 5, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-23402 | Critical | 9.8 | 2022-03-11 | The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6… |
CVE-2022-21194 | Critical | 9.8 | 2022-03-11 | The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R… |
CVE-2015-5628 | Critical | 9.8 | 2020-02-05 | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CE… |
CVE-2015-5627 | Critical | 9.8 | 2020-02-05 | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CE… |
CVE-2015-5626 | Critical | 9.8 | 2020-02-05 | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CE… |
CVE-2022-22729 | High | 8.8 | 2022-03-11 | CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets. The authentication may be bypassed via… |
CVE-2022-21808 | High | 8.8 | 2022-03-11 | Path traversal vulnerability exists in CAMS for HIS Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10 to R3.0… |
CVE-2022-22151 | High | 8.1 | 2022-03-11 | CAMS for HIS Log Server contained in the following Yokogawa Electric products fails to properly neutralize log outputs: CENTUM CS 3000 versions from R3.08.10 t… |
CVE-2022-22145 | High | 8.1 | 2022-03-11 | CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to uncontrolled resource consumption. CENTUM CS 3000 versions from… |
CVE-2022-21177 | High | 8.1 | 2022-03-11 | There is a path traversal vulnerability in CAMS for HIS Log Server contained in the following Yokogawa Electric products: CENTUM CS 3000 versions from R3.08.10… |
CVE-2022-23401 | High | 7.8 | 2022-03-11 | The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01… |
CVE-2022-22148 | High | 7.8 | 2022-03-11 | 'Root Service' service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTUM CS 3000 versions… |
CVE-2022-22141 | High | 7.8 | 2022-03-11 | 'Long-term Data Archive Package' service implemented in the following Yokogawa Electric products creates some named pipe with imporper ACL configuration. CENTU… |