CVE-2018-16196: Input Validation
First published: Wed Jan 09 2019(Updated: )
Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Yokogawa Centum Cs 3000 Firmware | >=r3.05.00<=r3.09.50 | |
| Yokogawa CENTUM CS 3000 | ||
| Yokogawa Centum Cs 3000 Entry Class | >=r3.05.00<=r3.09.50 | |
| Yokogawa Centum Vp Firmware | >=r4.01.00<=r6.03.10 | |
| Yokogawa Centum Vp | ||
| Yokogawa Centum Vp Entry Class | >=r4.01.00<=r6.03.10 | |
| Yokogawa B\/m9000 Vp | >=r6.03.01<=r8.01.90 | |
| Yokogawa Exaopc | >=r3.10.00<=r3.75.00 | |
| Yokogawa Fast\/tools | >=r9.02.00<=r10.02.00 | |
| Yokogawa Plant Resource Manager | >=r2.06.00<=r3.31.00 | |
| Yokogawa Prosafe-rs | >=r1.02.00<=r4.02.00 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-16196?
CVE-2018-16196 is a vulnerability in multiple Yokogawa products that contain Vnet/IP Open Communication Driver.
How severe is CVE-2018-16196?
CVE-2018-16196 has a severity score of 7.5 (High).
Which Yokogawa products are affected by CVE-2018-16196?
Yokogawa Centum CS 3000 (R3.05.00 - R3.09.50), Centum CS 3000 Entry Class (R3.05.00 - R3.09.50), Centum VP (R4.01.00 - R6.03.10), Centum VP Entry Class (R4.01.00 - R6.03.10), Exaopc (R3.10.00 - R3.75.00), PRM (R2.06.00 - R3.31.00), ProSafe-rs (R1.02.00 - R4.02.00), and Fast/tools (R9.02.00 - R10.02.00) are affected by CVE-2018-16196.
What is the recommended solution for CVE-2018-16196?
Apply the patches or updates provided by Yokogawa to fix CVE-2018-16196.
Where can I find more information about CVE-2018-16196?
You can find more information about CVE-2018-16196 on the SecurityFocus website (http://www.securityfocus.com/bid/106442), JVN Vulnerability Database (https://jvn.jp/vu/JVNVU93652047/index.html), and the official Yokogawa advisory (https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf).
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/yokogawa
- canonical/yokogawa centum cs 3000 firmware
- version/yokogawa centum cs 3000 firmware/r3.05.00
- version/yokogawa centum cs 3000 firmware/r3.09.50
- canonical/yokogawa centum cs 3000
- canonical/yokogawa centum cs 3000 entry class
- version/yokogawa centum cs 3000 entry class/r3.05.00
- version/yokogawa centum cs 3000 entry class/r3.09.50
- canonical/yokogawa centum vp firmware
- version/yokogawa centum vp firmware/r4.01.00
- version/yokogawa centum vp firmware/r6.03.10
- canonical/yokogawa centum vp
- canonical/yokogawa centum vp entry class
- version/yokogawa centum vp entry class/r4.01.00
- version/yokogawa centum vp entry class/r6.03.10
- canonical/yokogawa b\/m9000 vp
- version/yokogawa b\/m9000 vp/r6.03.01
- version/yokogawa b\/m9000 vp/r8.01.90
- canonical/yokogawa exaopc
- version/yokogawa exaopc/r3.10.00
- version/yokogawa exaopc/r3.75.00
- canonical/yokogawa fast\/tools
- version/yokogawa fast\/tools/r9.02.00
- version/yokogawa fast\/tools/r10.02.00
- canonical/yokogawa plant resource manager
- version/yokogawa plant resource manager/r2.06.00
- version/yokogawa plant resource manager/r3.31.00
- canonical/yokogawa prosafe-rs
- version/yokogawa prosafe-rs/r1.02.00
- version/yokogawa prosafe-rs/r4.02.00