CVE-2024-5650
8.5
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to execute arbitrary programs with the authority of the SYSTEM account.
The affected products and versions are as follows: CENTUM CS 3000 R3.08.10 to R3.09.50 CENTUM VP R4.01.00 to R4.03.00, R5.01.00 to R5.04.20, R6.01.00 to R6.11.10.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Yokogawa Electric Corporation | CENTUM CS 3000 | R3.08.10 <= R3.09.50 | affected |
| Yokogawa Electric Corporation | CENTUM VP | R4.01.00 <= R4.03.00 | affected |
| Yokogawa Electric Corporation | CENTUM VP | R5.01.00 <= R5.04.20 | affected |
| Yokogawa Electric Corporation | CENTUM VP | R6.01.00 <= R6.11.10 | affected |
Weaknesses
- CWE-284: CWE-284
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.