CVE-2024-5650

EUVD-2024-46828

17.06.2024, 07:15

DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to execute arbitrary programs with the authority of the SYSTEM account.

The affected products and versions are as follows:
CENTUM CS 3000 R3.08.10 to R3.09.50
CENTUM VP R4.01.00 to R4.03.00, R5.01.00 to R5.04.20, R6.01.00 to R6.11.10.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.5 HIGH	NETWORK	HIGH	LOW	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 38%

Early Detection

Affected products identified ahead of NVD analysis through intelligence sources.

Vendor	Product	Version	Source
yokogawa	centum_cs_3000	r3.08.10 ≤ 𝑥 ≤ r3.09.50	ADP
yokogawa	centum_vp	r4.01.00 ≤ 𝑥 ≤ f4.03.00	ADP
yokogawa	centum_vp	r5.01.00 ≤ 𝑥 ≤ r5.04.20	ADP
yokogawa	centum_vp	r6.01.00 ≤ 𝑥 ≤ r6.11.10	ADP

Common Weakness Enumeration

CWE-284 - Improper Access Control
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References

https://web-material3.yokogawa.com/1/36044/files/YSAR-24-0002-E.pdf