Vulnerability Description
Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yokogawa | Centum Cs 3000 Firmware | >= r3.08.10, <= r3.09.50 |
| Yokogawa | Centum Cs 3000 | - |
| Yokogawa | Centum Vp Firmware | >= r4.01.00, <= r4.03.00 |
| Yokogawa | Centum Vp | - |
| Yokogawa | B\/M9000Cs Firmware | >= r5.04.01, <= r5.05.01 |
| Yokogawa | B\/M9000Cs | - |
| Yokogawa | B\/M9000Vp Firmware | >= r6.01.01, <= r8.03.01 |
| Yokogawa | B\/M9000Vp | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/vu/JVNVU97997181/index.htmlThird Party Advisory
- https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdfVendor Advisory
- https://jvn.jp/vu/JVNVU97997181/index.htmlThird Party Advisory
- https://web-material3.yokogawa.com/1/29820/files/YSAR-20-0001-E.pdfVendor Advisory
FAQ
What is CVE-2020-5609?
CVE-2020-5609 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04...
How severe is CVE-2020-5609?
CVE-2020-5609 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-5609?
Check the references section above for vendor advisories and patch information. Affected products include: Yokogawa Centum Cs 3000 Firmware, Yokogawa Centum Cs 3000, Yokogawa Centum Vp Firmware, Yokogawa Centum Vp, Yokogawa B\/M9000Cs Firmware.