CRITICAL🇬🇧 English

CVE-2022-23402

CVSS 9.8v3.1pub. 2022-03-11upd. 2024-11-21

The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Yokogawa Centum Vp

    HW
    Yokogawa
    wszystkie wersje
  • Yokogawa Centum Vp Entry

    HW
    Yokogawa
    wszystkie wersje
  • Yokogawa Centum Vp Entry Firmware

    OS
    Yokogawa
    r5.01.00 – r5.04.20r6.01.00 – r6.09.00 (bez)
  • Yokogawa Centum Vp Firmware

    OS
    Yokogawa
    r6.01.00 – r6.09.00 (bez)r5.01.00 – r5.04.20
  • Yokogawa Exaopc

    APP
    Yokogawa
    r3.72.00 – r3.80.00 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-26034CRITICAL9.1ten sam produkt

Improper authentication vulnerability in the communication protocol provided by AD (Automation Design) server ...

CVE-2022-21194CRITICAL9.8ten sam produkt

The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the...

CVE-2020-5608CRITICAL9.8ten sam produkt

CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM V...

CVE-2020-5609CRITICAL9.8ten sam produkt

Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R...

CVE-2015-5627CRITICAL9.8ten sam produkt

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earli...