THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-5650

Assigner:YokogawaGroup
Reserved:2024-06-05
Published:2024-06-17
Updated:2024-06-17

Description

DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to execute arbitrary programs with the authority of the SYSTEM account. The affected products and versions are as follows: CENTUM CS 3000 R3.08.10 to R3.09.50 CENTUM VP R4.01.00 to R4.03.00, R5.01.00 to R5.04.20, R6.01.00 to R6.11.10.



HIGH: 8.5CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Problem types

CWE-284

Product status

Default status
unknown

R3.08.10
affected

Default status
unknown

R4.01.00
affected

R5.01.00
affected

R6.01.00
affected

References

https://web-material3.yokogawa.com/1/36044/files/YSAR-24-0002-E.pdf vendor-advisory

cve.org CVE-2024-5650

nvd.nist.gov CVE-2024-5650

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-5650
Find us on
Data Privacy
Terms of Use
Logo Silicon Valley Europe
Logo BSI Allianz für Cyber-Sicherheit