Vulnerability Details CVE-2014-0781
Heap-based buffer overflow in BKCLogSvr.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via crafted UDP packets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.052
EPSS Ranking 89.6%
CVSS Severity
CVSS v2 Score 9.3
References
- http://ics-cert.us-cert.gov/advisories/ICSA-14-070-01
- http://www.securityfocus.com/bid/66130
- https://community.rapid7.com/community/metasploit/blog/2014/03/10/yokogawa-centum-cs3000-vulnerabilities
- http://ics-cert.us-cert.gov/advisories/ICSA-14-070-01
- http://www.securityfocus.com/bid/66130
- https://community.rapid7.com/community/metasploit/blog/2014/03/10/yokogawa-centum-cs3000-vulnerabilities
Products affected by CVE-2014-0781
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.01
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.02
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.03
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.04
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.05
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.06
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.07
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.08
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.50
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.70
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.09
-
cpe:2.3:a:yokogawa:centum_cs_3000:r3.09.50