HIGH🇬🇧 English

CVE-2022-22729

CVSS 8.8v3.1pub. 2022-03-11upd. 2024-11-21

CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets. The authentication may be bypassed via some crafted packets: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions from R3.72.00 to R3.79.00.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Yokogawa Centum Cs 3000

    HW
    Yokogawa
    wszystkie wersje
  • Yokogawa Centum Cs 3000 Entry

    HW
    Yokogawa
    wszystkie wersje
  • Yokogawa Centum Cs 3000 Entry Firmware

    OS
    Yokogawa
    r3.08.10 – r3.09.00
  • Yokogawa Centum Cs 3000 Firmware

    OS
    Yokogawa
    r3.08.10 – r3.09.00
  • Yokogawa Centum Vp

    HW
    Yokogawa
    wszystkie wersje
  • Yokogawa Centum Vp Entry

    HW
    Yokogawa
    wszystkie wersje
  • Yokogawa Centum Vp Entry Firmware

    OS
    Yokogawa
    r4.01.00 – r4.03.00r6.01.00 – r6.09.00 (bez)r5.01.00 – r5.04.20
  • Yokogawa Centum Vp Firmware

    OS
    Yokogawa
    r6.01.00 – r6.09.00 (bez)r4.01.00 – r4.03.00r5.01.00 – r5.04.20
  • Yokogawa Exaopc

    APP
    Yokogawa
    r3.72.00 – r3.80.00 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2022-26034CRITICAL9.1ten sam produkt

Improper authentication vulnerability in the communication protocol provided by AD (Automation Design) server ...

CVE-2022-23402CRITICAL9.8ten sam produkt

The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versio...

CVE-2022-21194CRITICAL9.8ten sam produkt

The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the...

CVE-2020-5609CRITICAL9.8ten sam produkt

Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R...

CVE-2020-5608CRITICAL9.8ten sam produkt

CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM V...

CVE-2022-22729 — HIGH 8.8 | CVEbaza.pl