CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-27188

OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute an arbitrary OS command by altering a file generated using Graphic Builder.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.4%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.4

References

https://jvn.jp/vu/JVNVU99204686/index.html
https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/
https://jvn.jp/vu/JVNVU99204686/index.html
https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/

Products affected by CVE-2022-27188

Yokogawa » B/m9000 Vp » Version: r6.01.01

cpe:2.3:a:yokogawa:b/m9000_vp:r6.01.01
Yokogawa » B/m9000 Vp » Version: r6.03.02

cpe:2.3:a:yokogawa:b/m9000_vp:r6.03.02
Yokogawa » Centum Vp » Version: r4.01.00

cpe:2.3:a:yokogawa:centum_vp:r4.01.00
Yokogawa » Centum Vp » Version: r4.03.00

cpe:2.3:a:yokogawa:centum_vp:r4.03.00

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-27188

Products

Pricing

Contact Us