CVE-2022-33939
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
16/08/2022
Last modified:
08/08/2023
Description
CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP451) contains an issue in processing communication packets, which may lead to resource consumption. If this vulnerability is exploited, an attacker may cause a denial of service (DoS) condition in ADL communication by sending a specially crafted packet to the affected product.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:yokogawa:centum_cs_3000_cp401_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:yokogawa:centum_cs_3000_cp401:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:yokogawa:centum_cs_3000_cp451_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:yokogawa:centum_cs_3000_cp451:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:yokogawa:centum_cs_3000_cp33_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:yokogawa:centum_cs_3000_cp33:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:yokogawa:centum_cs_3000_cp345_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:yokogawa:centum_cs_3000_cp345:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:yokogawa:centum_cs_3000_cp31_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:yokogawa:centum_cs_3000_cp31:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:yokogawa:centum_vp_3000_cp401_firmware:*:*:*:*:*:*:*:* | r4.01.00 (including) | r4.03.00 (including) |
| cpe:2.3:o:yokogawa:centum_vp_3000_cp401_firmware:*:*:*:*:*:*:*:* | r5.01.00 (including) | r5.04.78 (excluding) |
| cpe:2.3:o:yokogawa:centum_vp_3000_cp401_firmware:*:*:*:*:*:*:*:* | r6.01.00 (including) | r6.03.10 (excluding) |
| cpe:2.3:h:yokogawa:centum_vp_3000_cp401:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:yokogawa:centum_vp_3000_cp451_firmware:*:*:*:*:*:*:*:* | r4.01.00 (including) | r4.03.00 (including) |
To consult the complete list of CPE names with products and versions, see this page