CVE-2014-0782: Buffer Overflow
First published: Fri May 16 2014(Updated: )
Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier allows remote attackers to execute arbitrary code via a crafted packet.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Yokogawa B\/m9000cs Software | <=5.05.01 | |
| Yokogawa B\/m9000cs | ||
| Yokogawa Centum Cs 1000 Software | ||
| Yokogawa CENTUM CS 1000 | ||
| Yokogawa Centum Cs 3000 Software | <=2.23.00 | |
| Yokogawa CENTUM CS 3000 | ||
| Yokogawa Centum Cs 3000 Entry Class Software | <=3.09.50 | |
| Yokogawa Centum Cs 3000 Entry Class | ||
| Yokogawa Exaopc | <=3.71.02 | |
| Yokogawa B\/m9000 Vp Software | <=7.03.01 | |
| Yokogawa B\/m9000 Vp | ||
| Yokogawa Centum Vp Entry Class Software | <=5.03.00 | |
| Yokogawa Centum Vp Entry Class | ||
| Yokogawa Centum Vp Software | <=4.03.00 | |
| Yokogawa Centum Vp |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-0782?
CVE-2014-0782 has a high severity rating due to the potential for remote code execution through a stack-based buffer overflow.
How do I fix CVE-2014-0782?
To fix CVE-2014-0782, update affected Yokogawa software products to the latest versions that patch the vulnerability.
Which Yokogawa products are affected by CVE-2014-0782?
CVE-2014-0782 affects several Yokogawa products including the CENTUM CS 1000, CENTUM CS 3000 Entry Class, and CENTUM VP among others.
Can exploiting CVE-2014-0782 compromise system integrity?
Yes, exploiting CVE-2014-0782 can lead to loss of system integrity, allowing attackers to execute arbitrary code.
Is there a public advisory for CVE-2014-0782?
Yes, there are advisories available that detail the vulnerabilities and necessary mitigations for CVE-2014-0782.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- agent/source
- vendor/yokogawa
- canonical/yokogawa b\/m9000cs software
- version/yokogawa b\/m9000cs software/5.05.01
- canonical/yokogawa b\/m9000cs
- canonical/yokogawa centum cs 1000 software
- canonical/yokogawa centum cs 1000
- canonical/yokogawa centum cs 3000 software
- version/yokogawa centum cs 3000 software/2.23.00
- canonical/yokogawa centum cs 3000
- canonical/yokogawa centum cs 3000 entry class software
- version/yokogawa centum cs 3000 entry class software/3.09.50
- canonical/yokogawa centum cs 3000 entry class
- canonical/yokogawa exaopc
- version/yokogawa exaopc/3.71.02
- canonical/yokogawa b\/m9000 vp software
- version/yokogawa b\/m9000 vp software/7.03.01
- canonical/yokogawa b\/m9000 vp
- canonical/yokogawa centum vp entry class software
- version/yokogawa centum vp entry class software/5.03.00
- canonical/yokogawa centum vp entry class
- canonical/yokogawa centum vp software
- version/yokogawa centum vp software/4.03.00
- canonical/yokogawa centum vp