CVE-2022-33939

CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP451) contains an issue in processing communication packets, which may lead to resource consumption. If this vulnerability is exploited, an attacker may cause a denial of service (DoS) condition in ADL communication by sending a specially crafted packet to the affected product.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
VendorProductVersion
yokogawacentum_cs_3000_cp401_firmware
-
yokogawacentum_cs_3000_cp451_firmware
-
yokogawacentum_cs_3000_cp33_firmware
-
yokogawacentum_cs_3000_cp345_firmware
-
yokogawacentum_cs_3000_cp31_firmware
-
yokogawacentum_vp_3000_cp401_firmware
r4.01.00 ≤
𝑥
≤ r4.03.00
yokogawacentum_vp_3000_cp401_firmware
r5.01.00 ≤
𝑥
< r5.04.78
yokogawacentum_vp_3000_cp401_firmware
r6.01.00 ≤
𝑥
< r6.03.10
yokogawacentum_vp_3000_cp451_firmware
r4.01.00 ≤
𝑥
≤ r4.03.00
yokogawacentum_vp_3000_cp451_firmware
r5.01.00 ≤
𝑥
< r5.04.78
yokogawacentum_vp_3000_cp451_firmware
r6.01.00 ≤
𝑥
< r6.03.10
𝑥
= Vulnerable software versions
References
https://jvn.jp/vu/JVNVU94343729/index.html
https://web-material3.yokogawa.com/1/33029/files/YSAR-22-0008-E.pdf
https://web-material3.yokogawa.com/19/33029/files/YSAR-22-0008-J.pdf
https://jvn.jp/vu/JVNVU94343729/index.html
https://web-material3.yokogawa.com/1/33029/files/YSAR-22-0008-E.pdf
https://web-material3.yokogawa.com/19/33029/files/YSAR-22-0008-J.pdf