CVE-2018-0651 — CRITICAL (9.8)

Q: How severe is CVE-2018-0651?

CVE-2018-0651 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2018-0651?

Check the references section above for vendor advisories and patch information. Affected products include: Yokogawa Idefine For Prosafe-Rs Firmware, Yokogawa Idefine For Prosafe-Rs, Yokogawa Stardom Versatile Data Server Firmware, Yokogawa Stardom Versatile Data Server, Yokogawa Stardom Fcn\/Fcj Simulator Firmware.

Vulnerability Description

Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier) allows remote attackers to stop the license management function or execute an arbitrary program via unspecified vectors.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Yokogawa	Idefine For Prosafe-Rs Firmware	<= r1.16.3
Yokogawa	Idefine For Prosafe-Rs	-
Yokogawa	Stardom Versatile Data Server Firmware	<= r7.50
Yokogawa	Stardom Versatile Data Server	-
Yokogawa	Stardom Fcn\/Fcj Simulator Firmware	<= r4.20
Yokogawa	Stardom Fcn\/Fcj Simulator	-
Yokogawa	Astplanner	<= r15.01
Yokogawa	Trifellows	<= v5.04

Related Weaknesses (CWE)

CWE-119

References

http://www.securityfocus.com/bid/105124Third Party AdvisoryVDB Entry
https://jvn.jp/vu/JVNVU93845358/Third Party Advisory
https://web-material3.yokogawa.com/YSAR-18-0006-E.pdfVendor Advisory
http://www.securityfocus.com/bid/105124Third Party AdvisoryVDB Entry
https://jvn.jp/vu/JVNVU93845358/Third Party Advisory
https://web-material3.yokogawa.com/YSAR-18-0006-E.pdfVendor Advisory

FAQ

What is CVE-2018-0651?

CVE-2018-0651 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLAN...

How severe is CVE-2018-0651?

CVE-2018-0651 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2018-0651?

Check the references section above for vendor advisories and patch information. Affected products include: Yokogawa Idefine For Prosafe-Rs Firmware, Yokogawa Idefine For Prosafe-Rs, Yokogawa Stardom Versatile Data Server Firmware, Yokogawa Stardom Versatile Data Server, Yokogawa Stardom Fcn\/Fcj Simulator Firmware.