Vulnerability identifier: #VU11832

Vulnerability risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8838

CWE-ID: CWE-264

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
CENTUM CS 1000
Web applications / Remote management & hosting panels
CENTUM CS 3000
Web applications / Remote management & hosting panels
CENTUM VP
Web applications / Remote management & hosting panels
CENTUM VP Small
Web applications / Remote management & hosting panels
CENTUM VP Basic
Web applications / Remote management & hosting panels
B/M9000 VP
Web applications / Remote management & hosting panels
B/M9000 CS
Web applications / Remote management & hosting panels
Exaopc
Web applications / CMS

Vendor: Yokogawa

Description
The vulnerability allows a local attacker to bypass security restrictions on the target system.

The weakness exists due to improper access controls. A local attacker can exploit the message management function, generate false system or process alarms, or block system or process alarm displays.

Mitigation
Update CENTUM CS 1000, CENTUM CS 3000, CENTUM CS 3000 Small to the latest CENTUM VP, CENTUM VP, CENTUM VP Small, CENTUM VP BASIC to version R5.04.B2 or R6.04.00, Exaopc to version R3.76.00.

Vulnerable software versions

CENTUM CS 1000: All versions

CENTUM CS 3000: All versions

CENTUM VP: All versions

CENTUM VP Small: All versions

CENTUM VP Basic: All versions

Exaopc: All versions

B/M9000 VP: All versions

B/M9000 CS: All versions

---

External links
http://web-material3.yokogawa.com/YSAR-18-0001-E.pdf

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.