QID 590868

Date Published: 2022-06-03

QID 590868: Yokogawa CENTUM Multiple Vulnerabilities (ICSA-22-083-01) (YSAR-22-0001)

Yokogawa reports these vulnerabilities affect the following distributed control system and software products:
CENTUM CS 3000 (Including CENTUM CS 3000 Entry Class): R3.08.10 - R3.09.00
CENTUM VP (Including CENTUM VP Entry Class):

R4.01.00 - R4.03.00
R5.01.00 - R5.04.20
R6.01.00 - R6.08.00
Successful exploitation of these vulnerabilities in CAMS server functions can be abused to suppress alarms, read or write files, crash the server, or execute arbitrary code.

  • CVSS V3 rated as Critical - 9.8 severity.
  • CVSS V2 rated as High - 7.5 severity.
  • Solution

    Customers are advised to refer to CERT MITIGATIONS section ICSA-22-083-01 for affected packages and patching details.

    Vendor References
    Software Advisories
    Advisory ID Software Component Link
    ICSA-22-083-01 URL Logo www.us-cert.gov/ics/advisories/ICSA-22-083-01