CVE-2014-0783

Published Mar 14, 2014

Last updated 3 months ago

CVSS info 9.0

Overview

Description: Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
Source: ics-cert@hq.dhs.gov
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 8.5
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CECD111-9739-48AA-8ABD-D32757AA93CF",
            "versionEndIncluding": "r3.09.50"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40831829-1F44-439C-9A19-7DAAFD36E32F"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4F916DD-24BC-4955-9C30-A52C2A41B69C"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D660F6DA-8694-4F23-B967-299953DFD293"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.04:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1A408C8-A7CF-439D-85E5-0DD8056A5908"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.05:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA37B07D-505E-414A-9E69-E2AAB239CA35"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.06:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32BBCAC6-AB8D-4D68-A5E4-F7FBFC3F4B33"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.07:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB1B75CD-C0BA-4046-A49E-9903B3B5972C"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E07B64DB-E820-467B-A603-971970637FB1"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6813F466-42F8-4013-97A4-DA6E5D7C52F8"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.70:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B0FEB1C-1427-4875-82C6-7EBD2B262766"
          },
          {
            "criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.09:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1824EC58-BCB1-4876-8729-2B6FF2FF8D1D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References