#VU17276 Unrestricted upload of file with dangerous type in Yokogawa Hardware solutions


Published: 2019-01-30

Vulnerability identifier: #VU17276

Vulnerability risk: Medium

CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-5909

CWE-ID: CWE-434

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
CENTUM VP (Web applications / Remote management & hosting panels)
B/M9000 VP (Web applications / Remote management & hosting panels)
ProSafe-RS (Hardware solutions / Firmware)
PRM (Hardware solutions / Firmware)
CENTUM VP Entry Class (Hardware solutions / Firmware)

Vendor: Yokogawa

Description
The vulnerability allows a remote attacker to execute arbitrary code.

The weakness exists because the service that multiple Yokogawa products use to verify the validity of licensed products does not properly restrict the upload of potentially malicious files. A remote attacker can supply specially crafted input and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation
Update the affected products to the latest versions.

Vulnerable software versions

CENTUM VP: All versions

ProSafe-RS: All versions

PRM: All versions

CENTUM VP Entry Class: All versions

B/M9000 VP: All versions


External links
http://web-material3.yokogawa.com/1/20653/files/YSAR-19-0001-E.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

