Insecure DLL Loading Vulnerability in Yokogawa Electric's CENTUM and Exaopc Products
CVE-2022-23401
7.8HIGH
Key Information:
- Vendor
- CVE Published:
- 11 March 2022
Summary
Yokogawa Electric's CENTUM and Exaopc products exhibit vulnerabilities related to insecure DLL loading, impacting multiple versions. These issues allow potential unauthorized code execution, which can compromise the security of systems relying on these products. Users are advised to review the provided versions for potential exposure and remediate threats accordingly.
Affected Version(s)
CENTUM CS 3000 versions from R3.08.10 to R3.09.00
CENTUM VP versions from R4.01.00 to R4.03.00
CENTUM VP versions from R5.01.00 to R5.04.20
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved