Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Exaopc
(Yokogawa)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 21 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-11 | CVE-2022-23401 | The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00. | Centum_cs_3000_entry_firmware, Centum_cs_3000_firmware, Centum_vp_entry_firmware, Centum_vp_firmware, Exaopc | 7.8 | ||
| 2022-03-11 | CVE-2022-23402 | The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00 | Centum_vp_entry_firmware, Centum_vp_firmware, Exaopc | 9.8 | ||
| 2020-02-05 | CVE-2015-5628 | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless... | B\/m9000_vp_firmware, B\/m9000cs_firmware, Centum_cs_1000_firmware, Centum_cs_3000_entry_firmware, Centum_cs_3000_firmware, Centum_vp_entry_firmware, Centum_vp_firmware, Exaopc, Exapilot, Exaplog, Exaquantum, Exaquantum\/batch, Exarqe, Exasmoc, Field_wireless_device_opc_server, Fieldmate, Plant_resource_manager, Prosafe\-Rs_firmware, Scada_software_\(Fast\/tools\), Stardom_opc_server, Versatile_data_server_software | N/A | ||
| 2020-02-05 | CVE-2015-5627 | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless... | B\/m9000_vp_firmware, B\/m9000cs_firmware, Centum_cs_1000_firmware, Centum_cs_3000_entry_firmware, Centum_cs_3000_firmware, Centum_vp_entry_firmware, Centum_vp_firmware, Exaopc, Exapilot, Exaplog, Exaquantum, Exaquantum\/batch, Exarqe, Exasmoc, Field_wireless_device_opc_server, Fieldmate, Plant_resource_manager, Prosafe\-Rs_firmware, Scada_software_\(Fast\/tools\), Stardom_opc_server, Versatile_data_server_software | N/A | ||
| 2020-02-05 | CVE-2015-5626 | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless... | B\/m9000_vp_firmware, B\/m9000cs_firmware, Centum_cs_1000_firmware, Centum_cs_3000_entry_firmware, Centum_cs_3000_firmware, Centum_vp_entry_firmware, Centum_vp_firmware, Exaopc, Exapilot, Exaplog, Exaquantum, Exaquantum\/batch, Exarqe, Exasmoc, Field_wireless_device_opc_server, Fieldmate, Plant_resource_manager, Prosafe\-Rs_firmware, Scada_software_\(Fast\/tools\), Stardom_opc_server, Versatile_data_server_software | N/A | ||
| 2019-12-26 | CVE-2019-6008 | An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00), Exaplog (R1.10.00 ? R3.40.00), Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00), Exaquantum/Batch (R1.01.00 ? R2.50.40), Exasmoc (all revisions), Exarqe (all revisions), GA10 (R1.01.01 ? R3.05.01), and InsightSuiteAE (R1.01.00 ? R1.06.00)) allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges. | Exaopc, Exaplog, Exaquantum, Exaquantum\/batch, Exarqe, Exasmoc, Ga10, Insightsuiteae | N/A | ||
| 2018-04-17 | CVE-2018-8838 | A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. A CVSS... | B\/m9000_cs, B\/m9000_vp, Centum_cs_3000, Centum_vp, Exaopc | 6.5 | ||
| 2019-01-09 | CVE-2018-16196 | Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open... | B\/m9000_vp, Centum_cs_3000_entry_class, Centum_cs_3000_firmware, Centum_vp_entry_class, Centum_vp_firmware, Exaopc, Fast\/tools, Plant_resource_manager, Prosafe\-Rs | 7.5 | ||
| 2014-12-22 | CVE-2014-5208 | BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authentication, which allows remote attackers to read arbitrary files via a RETR operation, write to arbitrary files via a STOR operation, or obtain sensitive database-location information via a PMODE operation, a different vulnerability than CVE-2014-0784. | Centum_cs_3000, Centum_vp, Exaopc | N/A | ||
| 2014-07-10 | CVE-2014-3888 | Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attackers to execute arbitrary code via a crafted packet. | B\/m9000_vp, B\/m9000_vp_software, B\/m9000cs, B\/m9000cs_software, Centum_cs_1000, Centum_cs_1000_software, Centum_cs_3000, Centum_cs_3000_entry_class, Centum_cs_3000_entry_class_software, Centum_cs_3000_software, Centum_vp, Centum_vp_entry_class, Centum_vp_entry_class_software, Centum_vp_software, Exaopc | N/A |