CVE-2018-8838 (GCVE-0-2018-8838)
Vulnerability from cvelistv5 – Published: 2018-04-17 21:00 – Updated: 2024-09-17 00:30
- Permissions, Privileges, and Access Controls
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| ICS-CERT | Yokogawa CENTUM and Exaopc | Affected: CENTUM series CENTUM CS 1000 all versions CENTUM CS 3000 versions R3.09.50 and prior CENTUM CS 3000 Small versions R3.09.50 and prior CENTUM VP versions R6.03.10 and prior CENTUM VP Small versions R6.03.10 and prior CENTUM VP Basic versions R6.03.10 and prior Exaopc versions R3.75.00 and prior B/M9000 CS all versions and B/M9000 VP versions R8.01.01 and prior. | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:02:26.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Yokogawa CENTUM and Exaopc",
"vendor": "ICS-CERT",
"versions": [
{
"status": "affected",
"version": "CENTUM series CENTUM CS 1000 all versions CENTUM CS 3000 versions R3.09.50 and prior CENTUM CS 3000 Small versions R3.09.50 and prior CENTUM VP versions R6.03.10 and prior CENTUM VP Small versions R6.03.10 and prior CENTUM VP Basic versions R6.03.10 and prior Exaopc versions R3.75.00 and prior B/M9000 CS all versions and B/M9000 VP versions R8.01.01 and prior."
}
]
}
],
"datePublic": "2018-04-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Permissions, Privileges, and Access Controls",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-17T20:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-04-12T00:00:00",
"ID": "CVE-2018-8838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Yokogawa CENTUM and Exaopc",
"version": {
"version_data": [
{
"version_value": "CENTUM series CENTUM CS 1000 all versions CENTUM CS 3000 versions R3.09.50 and prior CENTUM CS 3000 Small versions R3.09.50 and prior CENTUM VP versions R6.03.10 and prior CENTUM VP Small versions R6.03.10 and prior CENTUM VP Basic versions R6.03.10 and prior Exaopc versions R3.75.00 and prior B/M9000 CS all versions and B/M9000 VP versions R8.01.01 and prior."
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permissions, Privileges, and Access Controls"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-8838",
"datePublished": "2018-04-17T21:00:00.000Z",
"dateReserved": "2018-03-20T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:30:30.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-8838",
"date": "2026-07-02",
"epss": "0.00291",
"percentile": "0.20875"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-8838\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2018-04-17T21:29:00.343\",\"lastModified\":\"2024-11-21T04:14:25.420\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H).\"},{\"lang\":\"es\",\"value\":\"Una debilidad en los controles de acceso en CENTUM CS 1000 en todas las versiones, CENTUM CS 3000 en versiones R3.09.50 y anteriores, CENTUM CS 3000 Small en versiones R3.09.50 y anteriores, CENTUM VP en versiones R6.03.10 y anteriores, CENTUM VP Small en versiones R6.03.10 y anteriores, CENTUM VP Basic en versiones R6.03.10 y anteriores, Exaopc en versiones R3.75.00 y anteriores, B/M9000 CS en todas las versiones y B/M9000 VP en versiones R8.01.01 y anteriores podr\u00eda permitir que un atacante local explote la funci\u00f3n de gesti\u00f3n de mensajes del sistema. 
Se ha calculado una puntuaci\u00f3n base de CVSS v3 de 6.5; la cadena de vector CVSS es (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yokogawa:b\\\\/m9000_cs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8DF8849-66C6-4FF3-B9FD-C1D7EEDE4700\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yokogawa:b\\\\/m9000_vp:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"r8.01.01\",\"matchCriteriaId\":\"7EC1F202-975B-4C31-8578-83D812C67530\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yokogawa:centum_cs_3000:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"r3.09.50\",\"matchCriteriaId\":\"5CECD111-9739-48AA-8ABD-D32757AA93CF\"},{\"vulnerable\":true,\"crit
eria\":\"cpe:2.3:a:yokogawa:centum_cs_3000:*:*:*:*:small:*:*:*\",\"versionEndIncluding\":\"r3.09.50\",\"matchCriteriaId\":\"E32288EF-60BC-4C46-9A42-F8A5A42A9671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"r6.03.10\",\"matchCriteriaId\":\"AFE3FB77-20D3-4A09-AF35-D76F111C294C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:basic:*:*:*\",\"versionEndIncluding\":\"r6.03.10\",\"matchCriteriaId\":\"FAA2963F-A8E7-42F2-B185-E211D1D83423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:small:*:*:*\",\"versionEndIncluding\":\"r6.03.10\",\"matchCriteriaId\":\"30F2F655-436A-49ED-838D-52ED35C48C10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"r3.75.00\",\"matchCriteriaId\":\"3252AF18-B13B-4727-B397-91E83ECF7B4C\"}]}]}],\"references\":[{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
}
}
{
"CVSS 2.0": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Yokogawa Electric Corporation",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e R6.03.10 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (CENTUM VP)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "02.10.2020",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.11.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.11.2021",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-05461",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-8838",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "CENTUM VP",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Yokogawa, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043b\u043e\u0436\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0438\u043b\u0438 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0438\u0433\u043d\u0430\u043b\u044b \u0442\u0440\u0435\u0432\u043e\u0433\u0438, \u0438\u043b\u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0433\u043d\u0430\u043b\u044b \u0442\u0440\u0435\u0432\u043e\u0433\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (CWE-284)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Yokogawa \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043b\u043e\u0436\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0438\u043b\u0438 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0438\u0433\u043d\u0430\u043b\u044b \u0442\u0440\u0435\u0432\u043e\u0433\u0438, \u0438\u043b\u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0433\u043d\u0430\u043b\u044b \u0442\u0440\u0435\u0432\u043e\u0433\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvd.nist.gov/vuln/detail/CVE-2018-8838\nhttps://web-material3.yokogawa.com/1/6712/details/YSAR-18-0001-E.pdf",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0410\u0421\u0423 \u0422\u041f",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-284",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,9)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7)"
}
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://web-material3.yokogawa.com/YSAR-18-0001-E.pdf
| Name | ['yokogawa CENTUM series', 'yokogawa CENTUM CS 1000', 'yokogawa CENTUM CS 3000 <=R3.09.50', 'yokogawa CENTUM CS 3000 Small <=R3.09.50', 'yokogawa CENTUM VP <=R6.03.10', 'yokogawa CENTUM VP Small <=R6.03.10', 'yokogawa CENTUM VP Basic <=R6.03.10', 'yokogawa Exaopc <=R3.75.00', 'yokogawa B/M9000 CS', 'yokogawa B/M9000 VP <=R8.01.01'] |
|---|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-8838"
}
},
"description": "CENTUM CS 3000\u3001CENTUM VP\u7b49\u90fd\u662f\u6a2a\u6cb3\u7684\u7535\u673a\u4ea7\u54c1\uff0c\u662f\u57fa\u4e8eWindows\u7684\u63a7\u5236\u7cfb\u7edf\u3002\u8fd9\u4e9b\u4ea7\u54c1\u53ef\u7528\u4e8e\u591a\u4e2a\u884c\u4e1a\uff0c\u5305\u62ec\u5173\u952e\u5236\u9020\u4e1a\uff0c\u80fd\u6e90\uff0c\u98df\u54c1\u548c\u519c\u4e1a\u7b49\u3002\r\n\r\nYokogawa CENTUM and Exaopc\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u4ea7\u751f\u9519\u8bef\u7684\u7cfb\u7edf\u6216\u8fdb\u7a0b\u8b66\u62a5\uff0c\u6216\u8005\u963b\u6b62\u7cfb\u7edf\u6216\u8fdb\u7a0b\u8b66\u62a5\u663e\u793a\u3002",
"discovererName": "Yokogawa, working with JPCERT",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://web-material3.yokogawa.com/YSAR-18-0001-E.pdf",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-07299",
"openTime": "2018-04-17",
"patchDescription": "CENTUM CS 3000\u3001CENTUM VP\u7b49\u90fd\u662f\u6a2a\u6cb3\u7684\u7535\u673a\u4ea7\u54c1\uff0c\u662f\u57fa\u4e8eWindows\u7684\u63a7\u5236\u7cfb\u7edf\u3002\u8fd9\u4e9b\u4ea7\u54c1\u53ef\u7528\u4e8e\u591a\u4e2a\u884c\u4e1a\uff0c\u5305\u62ec\u5173\u952e\u5236\u9020\u4e1a\uff0c\u80fd\u6e90\uff0c\u98df\u54c1\u548c\u519c\u4e1a\u7b49\u3002\r\n\r\nYokogawa CENTUM and Exaopc\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u4ea7\u751f\u9519\u8bef\u7684\u7cfb\u7edf\u6216\u8fdb\u7a0b\u8b66\u62a5\uff0c\u6216\u8005\u963b\u6b62\u7cfb\u7edf\u6216\u8fdb\u7a0b\u8b66\u62a5\u663e\u793a\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Yokogawa CENTUM and Exaopc\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"yokogawa CENTUM series",
"yokogawa CENTUM CS 1000",
"yokogawa CENTUM CS 3000 \u003c=R3.09.50",
"yokogawa CENTUM CS 3000 Small \u003c=R3.09.50",
"yokogawa CENTUM VP \u003c=R6.03.10",
"yokogawa CENTUM VP Small \u003c=R6.03.10",
"yokogawa CENTUM VP Basic \u003c=R6.03.10",
"yokogawa Exaopc \u003c=R3.75.00",
"yokogawa B/M9000 CS",
"yokogawa B/M9000 VP \u003c=R8.01.01"
]
},
"referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01",
"serverity": "\u4e2d",
"submitTime": "2018-04-10",
"title": "Yokogawa CENTUM and Exaopc\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}
FKIE_CVE-2018-8838
Vulnerability from fkie_nvd - Published: 2018-04-17 21:29 - Updated: 2026-06-17 02:05
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01 | Third Party Advisory, US Government Resource |
| Vendor | Product | Version | |
|---|---|---|---|
| yokogawa | b\/m9000_cs | - | |
| yokogawa | b\/m9000_vp | * | |
| yokogawa | centum_cs_3000 | * | |
| yokogawa | centum_cs_3000 | * | |
| yokogawa | centum_vp | * | |
| yokogawa | centum_vp | * | |
| yokogawa | centum_vp | * | |
| yokogawa | exaopc | * |
{
"affected": [
{
"affectedData": [
{
"product": "Yokogawa CENTUM and Exaopc",
"vendor": "ICS-CERT",
"versions": [
{
"status": "affected",
"version": "CENTUM series CENTUM CS 1000 all versions CENTUM CS 3000 versions R3.09.50 and prior CENTUM CS 3000 Small versions R3.09.50 and prior CENTUM VP versions R6.03.10 and prior CENTUM VP Small versions R6.03.10 and prior CENTUM VP Basic versions R6.03.10 and prior Exaopc versions R3.75.00 and prior B/M9000 CS all versions and B/M9000 VP versions R8.01.01 and prior."
}
]
}
],
"source": "ics-cert@hq.dhs.gov"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:b\\/m9000_cs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8DF8849-66C6-4FF3-B9FD-C1D7EEDE4700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:b\\/m9000_vp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EC1F202-975B-4C31-8578-83D812C67530",
"versionEndIncluding": "r8.01.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CECD111-9739-48AA-8ABD-D32757AA93CF",
"versionEndIncluding": "r3.09.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:*:*:*:*:small:*:*:*",
"matchCriteriaId": "E32288EF-60BC-4C46-9A42-F8A5A42A9671",
"versionEndIncluding": "r3.09.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE3FB77-20D3-4A09-AF35-D76F111C294C",
"versionEndIncluding": "r6.03.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:basic:*:*:*",
"matchCriteriaId": "FAA2963F-A8E7-42F2-B185-E211D1D83423",
"versionEndIncluding": "r6.03.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:small:*:*:*",
"matchCriteriaId": "30F2F655-436A-49ED-838D-52ED35C48C10",
"versionEndIncluding": "r6.03.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3252AF18-B13B-4727-B397-91E83ECF7B4C",
"versionEndIncluding": "r3.75.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H)."
},
{
"lang": "es",
"value": "Una debilidad en los controles de acceso en CENTUM CS 1000 en todas las versiones, CENTUM CS 3000 en versiones R3.09.50 y anteriores, CENTUM CS 3000 Small en versiones R3.09.50 y anteriores, CENTUM VP en versiones R6.03.10 y anteriores, CENTUM VP Small en versiones R6.03.10 y anteriores, CENTUM VP Basic en versiones R6.03.10 y anteriores, Exaopc en versiones R3.75.00 y anteriores, B/M9000 CS en todas las versiones y B/M9000 VP en versiones R8.01.01 y anteriores podr\u00eda permitir que un atacante local explote la funci\u00f3n de gesti\u00f3n de mensajes del sistema. Se ha calculado una puntuaci\u00f3n base de CVSS v3 de 6.5; la cadena de vector CVSS es (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H)."
}
],
"id": "CVE-2018-8838",
"lastModified": "2026-06-17T02:05:29.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-17T21:29:00.343",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-4CV8-C362-F6HV
Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2022-05-13 01:53

A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H).
{
"affected": [],
"aliases": [
"CVE-2018-8838"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-04-17T21:29:00Z",
"severity": "MODERATE"
},
"details": "A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H).",
"id": "GHSA-4cv8-c362-f6hv",
"modified": "2022-05-13T01:53:48Z",
"published": "2022-05-13T01:53:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8838"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2018-8838
Vulnerability from gsd - Updated: 2023-12-13 01:22
{
"GSD": {
"alias": "CVE-2018-8838",
"description": "A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H).",
"id": "GSD-2018-8838"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-8838"
],
"details": "A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H).",
"id": "GSD-2018-8838",
"modified": "2023-12-13T01:22:34.713017Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-04-12T00:00:00",
"ID": "CVE-2018-8838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Yokogawa CENTUM and Exaopc",
"version": {
"version_data": [
{
"version_value": "CENTUM series CENTUM CS 1000 all versions CENTUM CS 3000 versions R3.09.50 and prior CENTUM CS 3000 Small versions R3.09.50 and prior CENTUM VP versions R6.03.10 and prior CENTUM VP Small versions R6.03.10 and prior CENTUM VP Basic versions R6.03.10 and prior Exaopc versions R3.75.00 and prior B/M9000 CS all versions and B/M9000 VP versions R8.01.01 and prior."
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permissions, Privileges, and Access Controls"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:yokogawa:b\\/m9000_cs:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:b\\/m9000_vp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r8.01.01",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r3.09.50",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_cs_3000:*:*:*:*:small:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r3.09.50",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:basic:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r6.03.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r3.75.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r6.03.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:small:*:*:*",
"cpe_name": [],
"versionEndIncluding": "r6.03.10",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2018-8838"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-102-01"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.5
}
},
"lastModifiedDate": "2019-10-03T00:03Z",
"publishedDate": "2018-04-17T21:29Z"
}
}
}
ICSA-18-102-01
Vulnerability from csaf_cisa - Published: 2018-04-12 00:00 - Updated: 2018-04-12 00:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
B/M9000 CS: all versions
Yokogawa / B/M9000 CS
|
vers:all/* |
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
fix
|
|
|
CENTUM VP Basic: versions R6.03.10 and prior
Yokogawa / CENTUM VP Basic
|
<= R6.03.10 |
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
fix
|
|
|
CENTUM CS 1000: all versions
Yokogawa / CENTUM CS 1000
|
vers:all/* |
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
fix
|
|
|
CENTUM CS 3000: versions R3.09.50 and prior
Yokogawa / CENTUM CS 3000
|
<= R3.09.50 |
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
fix
|
|
|
Exaopc: versions R3.75.00 and prior
Yokogawa / Exaopc
|
<= R3.75.00 |
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
fix
|
|
|
CENTUM VP Small: versions R6.03.10 and prior
Yokogawa / CENTUM VP Small
|
<= R6.03.10 |
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
fix
|
|
|
CENTUM CS 3000: Small versions R3.09.50 and prior
Yokogawa / CENTUM CS 3000
|
<= R3.09.50 |
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
fix
|
|
|
CENTUM VP: versions R6.03.10 and prior
Yokogawa / CENTUM VP
|
<= R6.03.10 |
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
fix
|
|
|
B/M9000 VP: versions R8.01.01 and prior
Yokogawa / B/M9000 VP
|
<= R8.01.01 |
Mitigation
Mitigation
Mitigation
Mitigation
Vendor Fix
Mitigation
fix
|
{
"document": {
"acknowledgments": [
{
"names": [
"Yokogawa"
],
"organization": "JPCERT",
"summary": "reporting this vulnerability to NCCIC"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of this vulnerability could allow a local attacker to generate false system or process alarms, or block system or process alarm displays.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing, Energy, Food and Agriculture",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available in the ICS-CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, available for download from the ICS-CERT website.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely. High skill level is needed to exploit.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-18-102-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-102-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-18-102-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-102-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-102-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
}
],
"title": "Yokogawa CENTUM and Exaopc",
"tracking": {
"current_release_date": "2018-04-12T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-18-102-01",
"initial_release_date": "2018-04-12T00:00:00.000000Z",
"revision_history": [
{
"date": "2018-04-12T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-18-102-01 Yokogawa CENTUM and Exaopc"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "B/M9000 CS: all versions",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "B/M9000 CS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= R6.03.10",
"product": {
"name": "CENTUM VP Basic: versions R6.03.10 and prior",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "CENTUM VP Basic"
},
{
"branches": [
{
"category": "product_version",
"name": "vers:all/*",
"product": {
"name": "CENTUM CS 1000: all versions",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "CENTUM CS 1000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= R3.09.50",
"product": {
"name": "CENTUM CS 3000: versions R3.09.50 and prior",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "CENTUM CS 3000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= R3.75.00",
"product": {
"name": "Exaopc: versions R3.75.00 and prior",
"product_id": "CSAFPID-0005"
}
}
],
"category": "product_name",
"name": "Exaopc"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= R6.03.10",
"product": {
"name": "CENTUM VP Small: versions R6.03.10 and prior",
"product_id": "CSAFPID-0006"
}
}
],
"category": "product_name",
"name": "CENTUM VP Small"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= R3.09.50",
"product": {
"name": "CENTUM CS 3000: Small versions R3.09.50 and prior",
"product_id": "CSAFPID-0007"
}
}
],
"category": "product_name",
"name": "CENTUM CS 3000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= R6.03.10",
"product": {
"name": "CENTUM VP: versions R6.03.10 and prior",
"product_id": "CSAFPID-0008"
}
}
],
"category": "product_name",
"name": "CENTUM VP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= R8.01.01",
"product": {
"name": "B/M9000 VP: versions R8.01.01 and prior",
"product_id": "CSAFPID-0009"
}
}
],
"category": "product_name",
"name": "B/M9000 VP"
}
],
"category": "vendor",
"name": "Yokogawa"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-8838",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "summary",
"text": "A weakness in access controls may allow a local attacker to exploit the message management function of the system.CVE-2018-8838 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8838"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CENTUM CS 1000, CENTUM CS 3000, CENTUM CS 3000 Small - No updates will be provided as these products are at end of support. Yokogawa recommends that affected users upgrade to the latest CENTUM VP.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "mitigation",
"details": "CENTUM VP, CENTUM VP Small, CENTUM VP BASIC - affected users should update to version R5.04.B2 or R6.04.00.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "mitigation",
"details": "Exaopc - affected users should update to version R3.76.00",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "mitigation",
"details": "B/M9000CS - The vulnerability does not exist in this product however, the existence of affected software on the same PC may affect alarms for this device.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "vendor_fix",
"details": "B/M9000 VP - The vulnerability does not exist in this product however, the existence of affected software on the same PC may affect alarms for this device.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
},
{
"category": "mitigation",
"details": "Please see Yokogawa Security Advisory Report YSAR-18-0001",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
],
"url": "https://web-material3.yokogawa.com/YSAR-18-0001-E.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009"
]
}
]
}
]
}
VAR-201804-1571
Vulnerability from variot - Updated: 2024-11-23 22:52
A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H). CENTUM and Exaopc, provided by Yokogawa Electric Corporation, contain a lack-of-access-restrictions vulnerability (CWE-264). An attacker who can log in to the product may be able to forge alarms and obstruct the alarm display. CENTUM CS 3000, CENTUM VP, etc. are Yokogawa's motor products and are Windows-based control systems. These products can be used in a variety of industries including key manufacturing, energy, food and agriculture. Yokogawa CENTUM and Exaopc have privilege escalation vulnerabilities that can be exploited by local attackers to generate erroneous system or process alerts or to prevent system or process alert displays. Yokogawa CENTUM and Exaopc are prone to a local security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. The system is mainly used in multi-field factories. An elevation of privilege vulnerability exists in several Yokogawa products. A local attacker could exploit this vulnerability to use the system's message management functionality.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-1571",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "b\\/m9000 cs",
"scope": "eq",
"trust": 1.6,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum cs 3000",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r3.09.50"
},
{
"model": "exaopc",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r3.75.00"
},
{
"model": "b\\/m9000 vp",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r8.01.01"
},
{
"model": "centum vp",
"scope": "lte",
"trust": 1.0,
"vendor": "yokogawa",
"version": "r6.03.10"
},
{
"model": "b/m9000 vp",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r8.01.01"
},
{
"model": "b/m9000cs",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum cs 1000",
"scope": null,
"trust": 0.8,
"vendor": "yokogawa electric",
"version": null
},
{
"model": "centum cs 3000",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r3.09.50"
},
{
"model": "centum cs 3000",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "small r3.09.50"
},
{
"model": "centum vp",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "basic r6.03.10"
},
{
"model": "centum vp",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r6.03.10"
},
{
"model": "centum vp",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "small r6.03.10"
},
{
"model": "exaopc",
"scope": "lte",
"trust": 0.8,
"vendor": "yokogawa electric",
"version": "r3.75.00"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "centum vp",
"version": "*"
},
{
"model": "centum series",
"scope": null,
"trust": 0.6,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum cs",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "1000"
},
{
"model": "centum cs \u003c=r3.09.50",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs small \u003c=r3.09.50",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum vp \u003c=r6.03.10",
"scope": null,
"trust": 0.6,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp small \u003c=r6.03.10",
"scope": null,
"trust": 0.6,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp basic \u003c=r6.03.10",
"scope": null,
"trust": 0.6,
"vendor": "yokogawa",
"version": null
},
{
"model": "exaopc \u003c=r3.75.00",
"scope": null,
"trust": 0.6,
"vendor": "yokogawa",
"version": null
},
{
"model": "b/m9000 cs",
"scope": null,
"trust": 0.6,
"vendor": "yokogawa",
"version": null
},
{
"model": "b/m9000 vp \u003c=r8.01.01",
"scope": null,
"trust": 0.6,
"vendor": "yokogawa",
"version": null
},
{
"model": "b\\/m9000 vp",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "r8.01.01"
},
{
"model": "centum cs 1000",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": null
},
{
"model": "exaopc",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "r3.75.00"
},
{
"model": "centum cs 3000",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "r3.09.50"
},
{
"model": "centum vp",
"scope": "eq",
"trust": 0.6,
"vendor": "yokogawa",
"version": "r6.03.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "centum cs 3000",
"version": "*"
},
{
"model": "exaopc r3.75.00",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp small r6.03.10",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp basic r6.03.10",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum vp r6.03.10",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "centum cs small r3.09.50",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs r3.09.50",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "3000"
},
{
"model": "centum cs",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "10000"
},
{
"model": "b/m9000 vp r8.01.01",
"scope": null,
"trust": 0.3,
"vendor": "yokogawa",
"version": null
},
{
"model": "b/m9000 cs",
"scope": "eq",
"trust": 0.3,
"vendor": "yokogawa",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "b m9000 cs",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "b m9000 vp",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "exaopc",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e2eb40d1-39ab-11e9-9c26-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07299"
},
{
"db": "BID",
"id": "103973"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002523"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-778"
},
{
"db": "NVD",
"id": "CVE-2018-8838"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:yokogawa:b%2fm9000_vp",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yokogawa:b%2fm9000cs",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yokogawa:centum_cs_1000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yokogawa:centum_cs_3000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yokogawa:centum_vp",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:yokogawa:exaopc",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002523"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "103973"
}
],
"trust": 0.3
},
"cve": "CVE-2018-8838",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2018-8838",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Local",
"authentication": "Single",
"author": "JPCERT/CC",
"availabilityImpact": "Complete",
"baseScore": 5.7,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2018-002523",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:H/Au:S/C:P/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 1.9,
"id": "CNVD-2018-07299",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 1.9,
"id": "e2eb40d1-39ab-11e9-9c26-000c29342cb1",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-138870",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.0,
"id": "CVE-2018-8838",
"impactScore": 5.5,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "JPCERT/CC",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2018-002523",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-8838",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "JPCERT/CC",
"id": "JVNDB-2018-002523",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2018-07299",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201804-778",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e2eb40d1-39ab-11e9-9c26-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-138870",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e2eb40d1-39ab-11e9-9c26-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07299"
},
{
"db": "VULHUB",
"id": "VHN-138870"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002523"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-778"
},
{
"db": "NVD",
"id": "CVE-2018-8838"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H). Provided by Yokogawa Electric Corporation CENTUM When Exaopc Lacks access restrictions (\u003ca href=\"https://cwe.mitre.org/data/definitions/264.html\"target=\"blank\"\u003eCWE-264\u003c/a\u003e) Vulnerability exists.An attacker who can log in to the product could be able to forge the alarm and obstruct the alarm display. CENTUM CS 3000, CENTUM VP, etc. are Yokogawa\u0027s motor products and are Windows-based control systems. These products can be used in a variety of industries including key manufacturing, energy, food and agriculture. Yokogawa CENTUM and Exaopc have privilege escalation vulnerabilities that can be exploited by local attackers to generate erroneous system or process alerts or to prevent system or process alert displays. Yokogawa CENTUM and Exaopc are prone to local security-bypass vulnerability. \nAttackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. The system is mainly used in multi-field factories. An elevation of privilege vulnerability exists in several Yokogawa products. A local attacker could exploit this vulnerability to use the system\u0027s message management functionality",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-8838"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002523"
},
{
"db": "CNVD",
"id": "CNVD-2018-07299"
},
{
"db": "BID",
"id": "103973"
},
{
"db": "IVD",
"id": "e2eb40d1-39ab-11e9-9c26-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-138870"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-8838",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-18-102-01",
"trust": 3.4
},
{
"db": "CNVD",
"id": "CNVD-2018-07299",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201804-778",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU98102375",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002523",
"trust": 0.8
},
{
"db": "BID",
"id": "103973",
"trust": 0.4
},
{
"db": "IVD",
"id": "E2EB40D1-39AB-11E9-9C26-000C29342CB1",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-98979",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-138870",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "e2eb40d1-39ab-11e9-9c26-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07299"
},
{
"db": "VULHUB",
"id": "VHN-138870"
},
{
"db": "BID",
"id": "103973"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002523"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-778"
},
{
"db": "NVD",
"id": "CVE-2018-8838"
}
]
},
"id": "VAR-201804-1571",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e2eb40d1-39ab-11e9-9c26-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07299"
},
{
"db": "VULHUB",
"id": "VHN-138870"
}
],
"trust": 1.6456166625
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e2eb40d1-39ab-11e9-9c26-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07299"
}
]
},
"last_update_date": "2024-11-23T22:52:05.908000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "YSAR-18-0001: CENTUM \u3068 Exaopc \u306b\u30a2\u30e9\u30fc\u30e0\u306e\u507d\u9020\u3068\u59a8\u5bb3\u306e\u8106\u5f31\u6027",
"trust": 0.8,
"url": "https://web-material3.yokogawa.com/YSAR-18-0001-J.jp.pdf"
},
{
"title": "Patch for Yokogawa CENTUM and Exaopc Privilege Escalation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/125853"
},
{
"title": "Multiple Yokogawa Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80152"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07299"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002523"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-778"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-138870"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002523"
},
{
"db": "NVD",
"id": "CVE-2018-8838"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-102-01"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-8838"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu98102375"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-8838"
},
{
"trust": 0.3,
"url": "http://www.yokogawa.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-07299"
},
{
"db": "VULHUB",
"id": "VHN-138870"
},
{
"db": "BID",
"id": "103973"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002523"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-778"
},
{
"db": "NVD",
"id": "CVE-2018-8838"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e2eb40d1-39ab-11e9-9c26-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2018-07299"
},
{
"db": "VULHUB",
"id": "VHN-138870"
},
{
"db": "BID",
"id": "103973"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002523"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-778"
},
{
"db": "NVD",
"id": "CVE-2018-8838"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-10T00:00:00",
"db": "IVD",
"id": "e2eb40d1-39ab-11e9-9c26-000c29342cb1"
},
{
"date": "2018-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-07299"
},
{
"date": "2018-04-17T00:00:00",
"db": "VULHUB",
"id": "VHN-138870"
},
{
"date": "2018-04-12T00:00:00",
"db": "BID",
"id": "103973"
},
{
"date": "2018-04-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002523"
},
{
"date": "2018-04-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-778"
},
{
"date": "2018-04-17T21:29:00.343000",
"db": "NVD",
"id": "CVE-2018-8838"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-07299"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-138870"
},
{
"date": "2018-04-12T00:00:00",
"db": "BID",
"id": "103973"
},
{
"date": "2018-08-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002523"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201804-778"
},
{
"date": "2024-11-21T04:14:25.420000",
"db": "NVD",
"id": "CVE-2018-8838"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "103973"
},
{
"db": "CNNVD",
"id": "CNNVD-201804-778"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CENTUM and Exaopc vulnerable to inadequate access restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002523"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201804-778"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.