fkie_cve-2014-3888
Vulnerability from fkie_nvd
Published
2014-07-10 11:06
Modified
2024-11-21 02:09
Severity ?
Summary
Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attackers to execute arbitrary code via a crafted packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| yokogawa | exaopc | * | |
| yokogawa | exaopc | 3.71.02 | |
| yokogawa | b\/m9000cs_software | * | |
| yokogawa | b\/m9000cs | - | |
| yokogawa | centum_vp_entry_class_software | * | |
| yokogawa | centum_vp_entry_class | - | |
| yokogawa | centum_vp_software | * | |
| yokogawa | centum_vp_software | 4.03.00 | |
| yokogawa | centum_vp | - | |
| yokogawa | b\/m9000_vp_software | * | |
| yokogawa | b\/m9000_vp | - | |
| yokogawa | centum_cs_3000 | r3.01 | |
| yokogawa | centum_cs_3000 | r3.02 | |
| yokogawa | centum_cs_3000 | r3.03 | |
| yokogawa | centum_cs_3000 | r3.04 | |
| yokogawa | centum_cs_3000 | r3.05 | |
| yokogawa | centum_cs_3000 | r3.06 | |
| yokogawa | centum_cs_3000 | r3.07 | |
| yokogawa | centum_cs_3000 | r3.08 | |
| yokogawa | centum_cs_3000 | r3.08.50 | |
| yokogawa | centum_cs_3000 | r3.08.70 | |
| yokogawa | centum_cs_3000 | r3.09 | |
| yokogawa | centum_cs_3000 | r3.09.50 | |
| yokogawa | centum_cs_3000_software | * | |
| yokogawa | centum_cs_3000 | - | |
| yokogawa | centum_cs_1000_software | - | |
| yokogawa | centum_cs_1000 | - | |
| yokogawa | centum_cs_3000_entry_class_software | * | |
| yokogawa | centum_cs_3000_entry_class | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3E0C7C-986A-4A07-847F-D40D194C8A06",
"versionEndIncluding": "3.72.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:exaopc:3.71.02:*:*:*:*:*:*:*",
"matchCriteriaId": "CD8C689E-7952-43A8-82F7-C9FA4591899C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:b\\/m9000cs_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B08DC609-2458-419B-BC7C-ED97E126E476",
"versionEndIncluding": "5.05.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:yokogawa:b\\/m9000cs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6C0600F-87E0-4CE5-ACB9-49F160DB3D33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:centum_vp_entry_class_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1C581A-7E30-442A-898B-76C0E35B8376",
"versionEndIncluding": "5.03.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:yokogawa:centum_vp_entry_class:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1FD75F-66BF-423E-A491-E5689C7B6AEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:centum_vp_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31AF6BF2-A797-439D-AAC5-A6C4E8D6D34F",
"versionEndIncluding": "5.03.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_vp_software:4.03.00:*:*:*:*:*:*:*",
"matchCriteriaId": "41986FD4-F223-4B3C-917F-B132AA082B70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "161A4767-228C-4681-9D20-81D9380CE48A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:b\\/m9000_vp_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D447032-B9EA-4FDF-A61B-DD5D2BAF6910",
"versionEndIncluding": "7.03.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:yokogawa:b\\/m9000_vp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59BD08BA-2C44-4BD0-BAA1-AC9D304E2DAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "40831829-1F44-439C-9A19-7DAAFD36E32F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.02:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F916DD-24BC-4955-9C30-A52C2A41B69C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D660F6DA-8694-4F23-B967-299953DFD293",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.04:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A408C8-A7CF-439D-85E5-0DD8056A5908",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.05:*:*:*:*:*:*:*",
"matchCriteriaId": "CA37B07D-505E-414A-9E69-E2AAB239CA35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "32BBCAC6-AB8D-4D68-A5E4-F7FBFC3F4B33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "BB1B75CD-C0BA-4046-A49E-9903B3B5972C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "E07B64DB-E820-467B-A603-971970637FB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.50:*:*:*:*:*:*:*",
"matchCriteriaId": "6813F466-42F8-4013-97A4-DA6E5D7C52F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.70:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0FEB1C-1427-4875-82C6-7EBD2B262766",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "1824EC58-BCB1-4876-8729-2B6FF2FF8D1D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000:r3.09.50:*:*:*:*:*:*:*",
"matchCriteriaId": "6B948C6E-88E0-4255-BBFF-06EA3EE3E532",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B32F16C-DDF7-4D36-9C2F-28360378C056",
"versionEndIncluding": "2.23.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:yokogawa:centum_cs_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAF123F6-D4A3-49B3-B8BC-14AA63E3A46A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_1000_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CBB5E05-B97C-47BF-9D96-ED5B2B40C978",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:yokogawa:centum_cs_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E67CC9-AE79-4CEC-8B35-C191EB32760C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:yokogawa:centum_cs_3000_entry_class_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B45F61B-53C2-4FE4-B2E9-62130E15948D",
"versionEndIncluding": "3.09.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:yokogawa:centum_cs_3000_entry_class:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF69433-979D-470A-85E5-4734E5998F63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attackers to execute arbitrary code via a crafted packet."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en pila en BKFSim_vhfd.exe en Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 y anteriores, CENTUM VP R5.03.20 y anteriores, Exaopc R3.72.00 y anteriores, B/M9000CS R5.05.01 y anteriores y B/M9000 VP R7.03.01 y anteriores, cuando FCS/Test Function est\u00e1 habilitada, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un paquete manipulado."
}
],
"id": "CVE-2014-3888",
"lastModified": "2024-11-21T02:09:04.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-10T11:06:28.880",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-189-01"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://osvdb.org/show/osvdb/108756"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/127382/Yokogawa-CS3000-BKFSim_vhfd.exe-Buffer-Overflow.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.exploit-db.com/exploits/34009"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0002E.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-189-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/show/osvdb/108756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/127382/Yokogawa-CS3000-BKFSim_vhfd.exe-Buffer-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/34009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0002E.pdf"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.