CVE-2022-27188

Published: Apr 15, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute an arbitrary OS command by altering a file generated using Graphic Builder.

Vendor	Product	Versions
Yokogawa Electric Corporation	CENTUM VP series with VP6E5150(Graphic Builder) installed and B/M9000 VP	affected `CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02`

References

https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/

x_refsource_MISC

https://jvn.jp/vu/JVNVU99204686/index.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-27188

Description

Affected Products

References