CVE-2014-0781

Published Mar 14, 2014

Last updated 9 years ago

Overview

Description: Heap-based buffer overflow in BKCLogSvr.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via crafted UDP packets.
Source: ics-cert@hq.dhs.gov
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CECD111-9739-48AA-8ABD-D32757AA93CF",
            "versionEndIncluding": "r3.09.50"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40831829-1F44-439C-9A19-7DAAFD36E32F"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4F916DD-24BC-4955-9C30-A52C2A41B69C"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D660F6DA-8694-4F23-B967-299953DFD293"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.04:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1A408C8-A7CF-439D-85E5-0DD8056A5908"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.05:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA37B07D-505E-414A-9E69-E2AAB239CA35"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.06:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32BBCAC6-AB8D-4D68-A5E4-F7FBFC3F4B33"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.07:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB1B75CD-C0BA-4046-A49E-9903B3B5972C"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E07B64DB-E820-467B-A603-971970637FB1"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6813F466-42F8-4013-97A4-DA6E5D7C52F8"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.70:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B0FEB1C-1427-4875-82C6-7EBD2B262766"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.09:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1824EC58-BCB1-4876-8729-2B6FF2FF8D1D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References