CVE-2018-16196
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
09/01/2019
Last modified:
14/02/2019
Description
Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:* | r3.05.00 (including) | r3.09.50 (including) |
| cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:yokogawa:centum_cs_3000_entry_class:*:*:*:*:*:*:*:* | r3.05.00 (including) | r3.09.50 (including) |
| cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:* | r4.01.00 (including) | r6.03.10 (including) |
| cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:* | ||
| cpe:2.3:a:yokogawa:centum_vp_entry_class:*:*:*:*:*:*:*:* | r4.01.00 (including) | r6.03.10 (including) |
| cpe:2.3:a:yokogawa:b\/m9000_vp:*:*:*:*:*:*:*:* | r6.03.01 (including) | r8.01.90 (including) |
| cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:* | r3.10.00 (including) | r3.75.00 (including) |
| cpe:2.3:a:yokogawa:fast\/tools:*:*:*:*:*:*:*:* | r9.02.00 (including) | r10.02.00 (including) |
| cpe:2.3:a:yokogawa:plant_resource_manager:*:*:*:*:*:*:*:* | r2.06.00 (including) | r3.31.00 (including) |
| cpe:2.3:a:yokogawa:prosafe-rs:*:*:*:*:*:*:*:* | r1.02.00 (including) | r4.02.00 (including) |
To consult the complete list of CPE names with products and versions, see this page