CVE-2015-5628

high-risk
Published 2020-02-05

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to execute arbitrary code via a crafted packet.

Do I need to act?

~
7.5% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (20)

Centum Cs 1000 Firmware
Centum Cs 3000 Firmware
Centum Cs 3000 Entry Firmware
Centum Vp Firmware
Centum Vp Entry Firmware
Prosafe-Rs Firmware
Exaopc
Exapilot
Exaplog
Exaquantum
Exaquantum\/Batch
Exarqe
Exasmoc
Field Wireless Device Opc Server
Plant Resource Manager
Scada Software \(Fast\/Tools\)
Versatile Data Server Software
B\/M9000Cs Firmware
B\/M9000 Vp Firmware
Fieldmate

Affected Vendors

Yokogawa

References (4)

Not Applicable http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf
Mitigation https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01
Not Applicable http://www.yokogawa.com/dcs/security/ysar/YSAR-15-0003E.pdf
Mitigation https://ics-cert.us-cert.gov/advisories/ICSA-15-253-01
62
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 10/34 · Low
Exposure 20/34 · Moderate