CRITICAL🇬🇧 English

CVE-2020-5609

CVSS 9.8v3.1pub. 2020-08-05upd. 2024-11-21

Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Yokogawa B\/m9000cs

    HW
    Yokogawa
    wszystkie wersje
  • Yokogawa B\/m9000cs Firmware

    OS
    Yokogawa
    r5.04.01 – r5.05.01
  • Yokogawa B\/m9000vp

    HW
    Yokogawa
    wszystkie wersje
  • Yokogawa B\/m9000vp Firmware

    OS
    Yokogawa
    r6.01.01 – r8.03.01
  • Yokogawa Centum Cs 3000

    HW
    Yokogawa
    wszystkie wersje
  • Yokogawa Centum Cs 3000 Firmware

    OS
    Yokogawa
    r3.08.10 – r3.09.50
  • Yokogawa Centum Vp

    HW
    Yokogawa
    wszystkie wersje
  • Yokogawa Centum Vp Firmware

    OS
    Yokogawa
    r6.01.00 – r6.07.00r5.01.00 – r5.04.20r4.01.00 – r4.03.00
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Path TraversalAuth Bypass
CWE
Referencje

Powiązane podatności

CVE-2022-26034CRITICAL9.1ten sam produkt

Improper authentication vulnerability in the communication protocol provided by AD (Automation Design) server ...

CVE-2022-21194CRITICAL9.8ten sam produkt

The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the...

CVE-2022-23402CRITICAL9.8ten sam produkt

The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versio...

CVE-2020-5608CRITICAL9.8ten sam produkt

CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM V...

CVE-2015-5626CRITICAL9.8ten sam produkt

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earli...