Vulnerability identifier: #VU17276
Vulnerability risk: Medium
CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID: CWE-434
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
CENTUM VP (Web applications / Remote management & hosting panels)
B/M9000 VP (Web applications / Remote management & hosting panels)
ProSafe-RS (Hardware solutions / Firmware)
PRM (Hardware solutions / Firmware)
CENTUM VP Entry Class (Hardware solutions / Firmware)
Vendor: Yokogawa
Description
The vulnerability allows a remote attacker to execute arbitrary code.
The weakness exists because a service shared by multiple Yokogawa products, used to verify the validity of the licensed products in use, does not properly restrict the upload of potentially dangerous files (CWE-434). A remote attacker can submit a specially crafted file to this service and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in complete system compromise.
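As an added illustration of the weakness class (CWE-434, unrestricted upload of a file with a dangerous type), and not code from Yokogawa or from the referenced advisory: a hypothetical Python upload handler that builds the on-disk path from the client-supplied file name, next to a hardened version that validates the name, enforces an extension allow-list and size limit, and stores the file under a server-chosen random name with no execute bit. The allow-list (`.lic`, `.txt`), the size limit and the directory layout are assumptions made for the example.

```python
"""CWE-434 illustration: an upload handler that trusts the client versus one
that does not. Hypothetical code written for this page, not Yokogawa's."""
import os
import re
import secrets
import tempfile
from dataclasses import dataclass


@dataclass
class Upload:
    filename: str      # client-supplied, attacker controlled
    content_type: str  # client-supplied, attacker controlled (not trusted here)
    data: bytes


class UploadRejected(Exception):
    pass


def naive_store(upload: Upload, upload_dir: str) -> str:
    """Vulnerable pattern: the on-disk path is built from the client's file name,
    so '../' segments and executable extensions go straight to disk."""
    dest = os.path.join(upload_dir, upload.filename)
    os.makedirs(os.path.dirname(dest), exist_ok=True)
    with open(dest, "wb") as f:
        f.write(upload.data)
    return dest


# Assumptions for the hardened handler: the service only ever expects small
# license files, so a two-entry extension allow-list and a 64 KiB cap suffice.
ALLOWED_EXTENSIONS = {".lic", ".txt"}
MAX_SIZE = 64 * 1024
SAFE_STEM = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def check_upload(upload: Upload) -> str:
    """Validate client-supplied metadata and return the lower-cased extension the
    server will use. Raises UploadRejected on anything outside the allow-list."""
    if len(upload.data) > MAX_SIZE:
        raise UploadRejected("file too large")
    # Strip directory components, whichever separator the client used.
    base = upload.filename.replace("\\", "/").rsplit("/", 1)[-1]
    stem, ext = os.path.splitext(base)
    if ext.lower() not in ALLOWED_EXTENSIONS:
        raise UploadRejected(f"extension {ext!r} not allowed")
    if not SAFE_STEM.match(stem):
        raise UploadRejected("unsafe file name")
    return ext.lower()


def rejects(filename: str, data: bytes = b"x") -> bool:
    """True if check_upload refuses this file name/content."""
    try:
        check_upload(Upload(filename, "application/octet-stream", data))
        return False
    except UploadRejected:
        return True


def hardened_store(upload: Upload, upload_dir: str) -> str:
    """Hardened pattern: validate, then store under a server-chosen random name
    (mode 0600, no execute bit) and refuse to overwrite an existing file."""
    ext = check_upload(upload)
    upload_dir = os.path.realpath(upload_dir)
    dest = os.path.join(upload_dir, secrets.token_hex(16) + ext)
    if os.path.commonpath([upload_dir, os.path.realpath(dest)]) != upload_dir:
        raise UploadRejected("path escapes upload directory")
    fd = os.open(dest, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(upload.data)
    return dest


def demo() -> dict:
    """Run both handlers against constructed input (not captured traffic)."""
    malicious = Upload("../../startup/payload.exe", "text/plain", b"MZ\x90\x00")
    legit = Upload("site.lic", "application/octet-stream", b"LICENSE-DATA")
    results = {}
    with tempfile.TemporaryDirectory() as root:
        upload_dir = os.path.join(root, "www", "uploads")
        os.makedirs(upload_dir)
        real_dir = os.path.realpath(upload_dir)
        written = os.path.realpath(naive_store(malicious, upload_dir))
        results["naive_escaped_upload_dir"] = not written.startswith(real_dir + os.sep)
        results["naive_kept_exe"] = written.endswith(".exe")
        try:
            hardened_store(malicious, upload_dir)
            results["hardened_rejected_exe"] = False
        except UploadRejected:
            results["hardened_rejected_exe"] = True
        stored = hardened_store(legit, upload_dir)
        results["hardened_stored_lic"] = (
            os.path.dirname(stored) == real_dir
            and stored.endswith(".lic")
            and os.path.basename(stored) != "site.lic"
        )
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the hardened version is that nothing the client sends ever becomes part of the path: the extension is checked against an allow-list, the stem is checked but then discarded, the client's MIME type is ignored, and the realpath check is a belt-and-braces guard in case the upload directory itself is a symlink.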
Mitigation
Update the affected products to the latest versions. Refer to the vendor advisory YSAR-19-0001 (see External links) for the fixed release of each product.
Vulnerable software versions
CENTUM VP: All versions
ProSafe-RS: All versions
PRM: All versions
CENTUM VP Entry Class: All versions
B/M9000 VP: All versions
External links
http://web-material3.yokogawa.com/1/20653/files/YSAR-19-0001-E.pdf
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.