CVE-2018-16196 — HIGH (7.5)

Q: How severe is CVE-2018-16196?

CVE-2018-16196 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-16196?

Check the references section above for vendor advisories and patch information. Affected products include: Yokogawa Centum Cs 3000 Firmware, Yokogawa Centum Cs 3000, Yokogawa Centum Cs 3000 Entry Class, Yokogawa Centum Vp Firmware, Yokogawa Centum Vp.

Vulnerability Description

Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Yokogawa	Centum Cs 3000 Firmware	>= r3.05.00, <= r3.09.50
Yokogawa	Centum Cs 3000	-
Yokogawa	Centum Cs 3000 Entry Class	>= r3.05.00, <= r3.09.50
Yokogawa	Centum Vp Firmware	>= r4.01.00, <= r6.03.10
Yokogawa	Centum Vp	-
Yokogawa	Centum Vp Entry Class	>= r4.01.00, <= r6.03.10
Yokogawa	B\/M9000 Vp	>= r6.03.01, <= r8.01.90
Yokogawa	Exaopc	>= r3.10.00, <= r3.75.00
Yokogawa	Fast\/Tools	>= r9.02.00, <= r10.02.00
Yokogawa	Plant Resource Manager	>= r2.06.00, <= r3.31.00
Yokogawa	Prosafe-Rs	>= r1.02.00, <= r4.02.00

Related Weaknesses (CWE)

CWE-20

References

http://www.securityfocus.com/bid/106442Third Party AdvisoryVDB Entry
https://jvn.jp/vu/JVNVU93652047/index.htmlThird Party AdvisoryVDB Entry
https://web-material3.yokogawa.com/YSAR-18-0008-E.pdfVendor Advisory
http://www.securityfocus.com/bid/106442Third Party AdvisoryVDB Entry
https://jvn.jp/vu/JVNVU93652047/index.htmlThird Party AdvisoryVDB Entry
https://web-material3.yokogawa.com/YSAR-18-0008-E.pdfVendor Advisory

FAQ

What is CVE-2018-16196?

CVE-2018-16196 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM ...

How severe is CVE-2018-16196?

CVE-2018-16196 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-16196?

Check the references section above for vendor advisories and patch information. Affected products include: Yokogawa Centum Cs 3000 Firmware, Yokogawa Centum Cs 3000, Yokogawa Centum Cs 3000 Entry Class, Yokogawa Centum Vp Firmware, Yokogawa Centum Vp.