Sign-up

ID

VAR-201412-0282


CVE

CVE-2014-5208


TITLE

CENTUM and Exaopc Vulnerabilities that allow access to arbitrary files

Trust: 0.8

sources: JVNDB: JVNDB-2014-004249

DESCRIPTION

BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authentication, which allows remote attackers to read arbitrary files via a RETR operation, write to arbitrary files via a STOR operation, or obtain sensitive database-location information via a PMODE operation, a different vulnerability than CVE-2014-0784. Provided by Yokogawa Electric Corporation CENTUM and Exaopc Is BKBCopyD.exe There is a problem in the processing of the file, and there is a vulnerability that can access arbitrary files. In addition, National Vulnerability Database (NVD) Then CWE-284 It is published as Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlCrafted communication frame 20111/tcp By sending to, arbitrary files may be obtained or created with the user's authority. Yokogawa CENTUM CS3000 is a production control system. If Yokogawa CENTUM's multiple products have Batch Management installed, they will start the BKBCopyD.exe service and listen on the 20111 / TCP port. There is no verification mechanism, allowing attackers to use the vulnerability to perform malicious operations, such as reading and writing files. Multiple Yokogawa products are prone to a security weakness. An attacker may leverage this issue to obtain potentially sensitive information and perform unauthorized actions in the context of the affected application. Yokogawa CENTUM CS, etc. are all products of Japan's Yokogawa Electric (Yokogawa) company. Exaopc is an OPC data access server. The vulnerability is caused by the program not requiring authentication. The following products and versions are affected: Yokogawa CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R4.03.00 and earlier, R5.x R5.04.00 and earlier, Exaopc R3.72.10 and earlier

Trust: 2.52

sources: NVD: CVE-2014-5208 // JVNDB: JVNDB-2014-004249 // CNVD: CNVD-2014-06375 // BID: 69886 // VULHUB: VHN-73149

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-06375

AFFECTED PRODUCTS

vendor:yokogawamodel:centum vpscope:eqversion:r5.02.00

Trust: 1.6

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.01

Trust: 1.6

vendor:yokogawamodel:centum vpscope:eqversion:r5.01.20

Trust: 1.6

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.09.50

Trust: 1.6

vendor:yokogawamodel:centum vpscope:eqversion:r5.03.00

Trust: 1.6

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.02

Trust: 1.6

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.05

Trust: 1.6

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.03

Trust: 1.6

vendor:yokogawamodel:centum vpscope:eqversion:r5.01.00

Trust: 1.6

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.04

Trust: 1.0

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.08

Trust: 1.0

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.06

Trust: 1.0

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.08.70

Trust: 1.0

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.09

Trust: 1.0

vendor:yokogawamodel:centum vpscope:lteversion:r4.03.00

Trust: 1.0

vendor:yokogawamodel:exaopcscope:lteversion:3.71.10

Trust: 1.0

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.07

Trust: 1.0

vendor:yokogawamodel:centum cs 3000scope:eqversion:r3.08.50

Trust: 1.0

vendor:yokogawa electricmodel:centum cs 3000scope: - version: -

Trust: 0.8

vendor:yokogawa electricmodel:centum cs 3000 entry classscope: - version: -

Trust: 0.8

vendor:yokogawa electricmodel:centum cs 3000 entry class softwarescope:lteversion:r3.09.50

Trust: 0.8

vendor:yokogawa electricmodel:centum cs 3000 softwarescope:lteversion:r3.09.50

Trust: 0.8

vendor:yokogawa electricmodel:centum vpscope: - version: -

Trust: 0.8

vendor:yokogawa electricmodel:centum vp entry classscope: - version: -

Trust: 0.8

vendor:yokogawa electricmodel:centum vp entry class softwarescope:lteversion:r4.03.00

Trust: 0.8

vendor:yokogawa electricmodel:centum vp entry class softwarescope:eqversion:r5.04.00 for up to r5.x

Trust: 0.8

vendor:yokogawa electricmodel:centum vp softwarescope:lteversion:r4.03.00

Trust: 0.8

vendor:yokogawa electricmodel:centum vp softwarescope:eqversion:r5.04.00 for up to r5.x

Trust: 0.8

vendor:yokogawa electricmodel:exaopcscope: - version: -

Trust: 0.8

vendor:yokogawa electricmodel:exaopcscope:lteversion:r3.72.10

Trust: 0.8

vendor:yokogawa electricmodel:centum cs r3.09.50scope:eqversion:3000

Trust: 0.6

vendor:yokogawa electricmodel:centum vp r4.03.00scope: - version: -

Trust: 0.6

vendor:yokogawa electricmodel:centum vp r5.04.00scope: - version: -

Trust: 0.6

vendor:yokogawa electricmodel:exaopc r3.72.10scope: - version: -

Trust: 0.6

vendor:yokogawamodel:centum vpscope:eqversion:r4.03.00

Trust: 0.6

sources: CNVD: CNVD-2014-06375 // JVNDB: JVNDB-2014-004249 // CNNVD: CNNVD-201410-1190 // NVD: CVE-2014-5208

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-5208
value: HIGH

Trust: 1.0

IPA: JVNDB-2014-004249
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2014-06375
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201410-1190
value: HIGH

Trust: 0.6

VULHUB: VHN-73149
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-5208
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2014-004249
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2014-06375
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-73149
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2014-06375 // VULHUB: VHN-73149 // JVNDB: JVNDB-2014-004249 // CNNVD: CNNVD-201410-1190 // NVD: CVE-2014-5208

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.1

problemtype:CWE-Other

Trust: 0.8

sources: VULHUB: VHN-73149 // JVNDB: JVNDB-2014-004249 // NVD: CVE-2014-5208

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201410-1190

TYPE

Access Validation Error

Trust: 0.3

sources: BID: 69886

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-004249

PATCH
title:YSAR-14-0003Eurl:http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0003E.pdf
Trust: 0.8
title:横河電機株式会社 の告知ページurl:http://www.yokogawa.co.jp/dcs/security/ysar/dcs-ysar-index-ja.htm
Trust: 0.8
title:Patch for Remote Unknown Vulnerability in Multiple Yokogawa Productsurl:https://www.cnvd.org.cn/patchInfo/show/50488
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-06375 // 
            
            
            
            JVNDB: JVNDB-2014-004249

EXTERNAL IDS
db:NVDid:CVE-2014-5208
Trust: 3.4
db:ICS CERTid:ICSA-14-260-01A
Trust: 1.7
db:BIDid:69886
Trust: 1.6
db:ICS CERTid:ICSA-14-260-01
Trust: 1.4
db:JVNid:JVNVU95634161
Trust: 0.8
db:JVNDBid:JVNDB-2014-004249
Trust: 0.8
db:CNNVDid:CNNVD-201410-1190
Trust: 0.7
db:OSVDBid:111675
Trust: 0.6
db:CNVDid:CNVD-2014-06375
Trust: 0.6
db:SECUNIAid:61323
Trust: 0.6
db:VULHUBid:VHN-73149
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-06375 // 
            
            
            
            VULHUB: VHN-73149 // 
            
            
            
            BID: 69886 // 
            
            
            
            JVNDB: JVNDB-2014-004249 // 
            
            
            
            CNNVD: CNNVD-201410-1190 // 
            
            
            
            NVD: CVE-2014-5208

REFERENCES
url:http://www.yokogawa.com/dcs/security/ysar/ysar-14-0003e.pdf
Trust: 1.7
url:https://community.rapid7.com/community/metasploit/blog/2014/08/09/r7-2014-10-disclosure-yokogawa-centum-cs3000-bkbcopydexe-file-system-access
Trust: 1.7
url:https://ics-cert.us-cert.gov/advisories/icsa-14-260-01a
Trust: 1.7
url:https://ics-cert.us-cert.gov/advisories/icsa-14-260-01
Trust: 1.4
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-5208
Trust: 0.8
url:http://jvn.jp/vu/jvnvu95634161/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-5208
Trust: 0.8
url:http://osvdb.com/show/osvdb/111675
Trust: 0.6
url:http://secunia.com/advisories/61323
Trust: 0.6
url:http://www.securityfocus.com/bid/69886
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-06375 // 
            
            
            
            VULHUB: VHN-73149 // 
            
            
            
            JVNDB: JVNDB-2014-004249 // 
            
            
            
            CNNVD: CNNVD-201410-1190 // 
            
            
            
            NVD: CVE-2014-5208

CREDITS
Tod Beardsley and Jim Denaro
Trust: 0.9
sources:
            
            
            BID: 69886 // 
            
            
            
            CNNVD: CNNVD-201410-1190

SOURCES
db:CNVDid:CNVD-2014-06375
db:VULHUBid:VHN-73149
db:BIDid:69886
db:JVNDBid:JVNDB-2014-004249
db:CNNVDid:CNNVD-201410-1190
db:NVDid:CVE-2014-5208

LAST UPDATE DATE
2024-11-23T22:35:00.954000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-06375date:2014-09-28T00:00:00
db:VULHUBid:VHN-73149date:2014-12-22T00:00:00
db:BIDid:69886date:2014-12-03T07:57:00
db:JVNDBid:JVNDB-2014-004249date:2014-12-24T00:00:00
db:CNNVDid:CNNVD-201410-1190date:2014-12-23T00:00:00
db:NVDid:CVE-2014-5208date:2024-11-21T02:11:37.720

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-06375date:2014-09-28T00:00:00
db:VULHUBid:VHN-73149date:2014-12-22T00:00:00
db:BIDid:69886date:2014-09-17T00:00:00
db:JVNDBid:JVNDB-2014-004249date:2014-09-18T00:00:00
db:CNNVDid:CNNVD-201410-1190date:2014-09-17T00:00:00
db:NVDid:CVE-2014-5208date:2014-12-22T17:59:00.063