The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.
References
Link | Resource |
---|---|
https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
|
History
18 Mar 2022, 14:57
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-427 | |
References | (CONFIRM) https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf - Vendor Advisory | |
First Time |
Yokogawa centum Vp Firmware
Yokogawa exaopc Yokogawa centum Cs 3000 Entry Yokogawa centum Vp Entry Yokogawa Yokogawa centum Vp Yokogawa centum Vp Entry Firmware Yokogawa centum Cs 3000 Entry Firmware Yokogawa centum Cs 3000 Firmware Yokogawa centum Cs 3000 |
|
CVSS |
v2 : v3 : |
v2 : 3.7
v3 : 7.8 |
CPE | cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:yokogawa:centum_cs_3000_entry:-:*:*:*:*:*:*:* cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:* cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:* cpe:2.3:o:yokogawa:centum_cs_3000_entry_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:yokogawa:centum_cs_3000_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:* cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:* |
11 Mar 2022, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-11 09:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-23401
Mitre link : CVE-2022-23401
CVE.ORG link : CVE-2022-23401
JSON object : View
Products Affected
yokogawa
- centum_vp
- centum_cs_3000
- centum_cs_3000_entry
- centum_vp_entry_firmware
- centum_vp_entry
- exaopc
- centum_vp_firmware
- centum_cs_3000_entry_firmware
- centum_cs_3000_firmware
CWE
CWE-427
Uncontrolled Search Path Element