1. Home
  2. CVE Database
  3. CVE-2022-27188
HIGH · 7.8

CVE-2022-27188

OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may ...

Vulnerability Description

OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute an arbitrary OS command by altering a file generated using Graphic Builder.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
YokogawaB\/M9000 Vp>= r6.01.01, <= r6.03.02
YokogawaCentum Vp>= r4.01.00, <= r4.03.00

Related Weaknesses (CWE)

CWE-78

References

FAQ

What is CVE-2022-27188?

CVE-2022-27188 is a vulnerability with a CVSS score of 7.8 (HIGH). OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may ...

How severe is CVE-2022-27188?

CVE-2022-27188 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-27188?

Check the references section above for vendor advisories and patch information. Affected products include: Yokogawa B\/M9000 Vp, Yokogawa Centum Vp.