CVE-2022-23401

The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
yokogawacentum_cs_3000_firmware
r3.08.10 ≤
𝑥
≤ r3.09.00
yokogawacentum_cs_3000_entry_firmware
r3.08.10 ≤
𝑥
≤ r3.09.00
yokogawacentum_vp_firmware
r4.01.00 ≤
𝑥
≤ r4.03.00
yokogawacentum_vp_firmware
r5.01.00 ≤
𝑥
≤ r5.04.20
yokogawacentum_vp_firmware
r6.01.00 ≤
𝑥
< r6.09.00
yokogawacentum_vp_entry_firmware
r4.01.00 ≤
𝑥
≤ r4.03.00
yokogawacentum_vp_entry_firmware
r5.01.00 ≤
𝑥
≤ r5.04.20
yokogawacentum_vp_entry_firmware
r6.01.00 ≤
𝑥
< r6.09.00
yokogawaexaopc
r3.72.00 ≤
𝑥
< r3.80.00
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf
https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf