CVE-2022-22145

EUVD-2022-27292
CAMS for HIS Log Server contained in the following Yokogawa Electric products is vulnerable to uncontrolled resource consumption. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
Affected Products (NVD)
VendorProductVersion
yokogawacentum_cs_3000_firmware
r3.08.10 ≤
𝑥
≤ r3.09.00
yokogawacentum_cs_3000_entry_firmware
r3.08.10 ≤
𝑥
≤ r3.09.00
yokogawacentum_vp_firmware
r4.01.00 ≤
𝑥
≤ r4.03.00
yokogawacentum_vp_firmware
r5.01.00 ≤
𝑥
≤ r5.04.20
yokogawacentum_vp_firmware
r6.01.00 ≤
𝑥
< r6.09.00
yokogawacentum_vp_entry_firmware
r4.01.00 ≤
𝑥
≤ r4.03.00
yokogawacentum_vp_entry_firmware
r5.01.00 ≤
𝑥
≤ r5.04.20
yokogawacentum_vp_entry_firmware
r6.01.00 ≤
𝑥
< r6.09.00
yokogawaexaopc
r3.72.00 ≤
𝑥
< r3.80.00
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf
https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf