Buffer Overflow in License Management of Yokogawa Products
CVE-2018-0651

9.8CRITICAL

Key Information:

Vendor

Yokogawa Electric Corporation

Status
The License Management Function Of Yokogawa Products
Vendor
CVE Published:
9 January 2019

What is CVE-2018-0651?

A vulnerability exists in the license management function of several Yokogawa products, where a buffer overflow can be exploited by remote attackers. This can lead to the interruption of the license management operation or allow the execution of arbitrary code, potentially compromising the integrity and functionality of the affected systems.

Affected Version(s)

The license management function of YOKOGAWA products (iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier)

References

https://web-material3.yokogawa.com/YSAR-18-0006-E.pdf
x_refsource_MISC
http://www.securityfocus.com/bid/105124
vdb-entryx_refsource_BID
https://jvn.jp/vu/JVNVU93845358/
x_refsource_MISC

EPSS Score

6% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.