Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0784

Overview

Vulnerability Score 8.3 8.3
CVE Id CVE-2014-0784
Last Modified 05 Aug 2015 11:51:29
Published 14 Mar 2014 06:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-0784

Summary

Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.

Vulnerable Systems

Application

  • Yokogawa Centum Cs 3000 R3.01

  • Yokogawa Centum Cs 3000 R3.02

  • Yokogawa Centum Cs 3000 R3.03

  • Yokogawa Centum Cs 3000 R3.04

  • Yokogawa Centum Cs 3000 R3.05

  • Yokogawa Centum Cs 3000 R3.06

  • Yokogawa Centum Cs 3000 R3.07

  • Yokogawa Centum Cs 3000 R3.08

  • Yokogawa Centum Cs 3000 R3.08.50

  • Yokogawa Centum Cs 3000 R3.08.70

  • Yokogawa Centum Cs 3000 R3.09

  • Yokogawa Centum Cs 3000 R3.09.50


References

MISC - http://ics-cert.us-cert.gov/advisories/ICSA-14-070-01

MISC - https://community.rapid7.com/community/metasploit/blog/2014/03/10/yokogawa-centum-cs3000-vulnerabilities

BID - 66114


Last Updated: 27 May 2016 11:04:40