Remote code execution in Yokogawa products
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2019-5909 |
| CWE-ID | CWE-434 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
CENTUM VP Web applications / Remote management & hosting panels B/M9000 VP Web applications / Remote management & hosting panels ProSafe-RS Hardware solutions / Firmware PRM Hardware solutions / Firmware CENTUM VP Entry Class Hardware solutions / Firmware |
| Vendor | Yokogawa |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Unrestricted upload of file with dangerous type
EUVDB-ID: #VU17276
Risk: Medium
CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-5909
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code.
The weakness exists due to improper restriction of the upload of potentially malicious files when multiple Yokogawa products utilize a service intended to verify the validity of licensed products being utilized. A remote attacker can supply a specially crafted input and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
Update the affected products to the latest versions.
Vulnerable software versionsCENTUM VP: All versions
ProSafe-RS: All versions
PRM: All versions
CENTUM VP Entry Class: All versions
B/M9000 VP: All versions
External linkshttp://web-material3.yokogawa.com/1/20653/files/YSAR-19-0001-E.pdf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
