virus logo Intrusion Prevention

Yokogawa.CS3000.BKFSim.vhfd.EXE.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a stack Buffer Overflow vulnerability in multiple Yokogawa CENTUM CS products.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted UDP package . A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request to the vulnerable service.

affected-products-logoAffected Products

Yokogawa CENTUM CS 1000
Yokogawa CENTUM CS 3000 R2.23.00 and prior
Yokogawa CENTUM CS 3000 R3.09.50 and prior
Yokogawa CENTUM VP R4.03.00 and prior
Yokogawa CENTUM VP R5.03.20 and prior
Yokogawa Exaopc R3.72.00 or prior
Yokogawa B/M9000CS R5.05.01 or prior

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary code in the context of the affected application.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0002E.pdf

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://ics-cert.us-cert.gov/advisories/ICSA-14-189-01 http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0002E.pdf
ID 38967
Created Sep 10, 2014
Updated Mar 26, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2014-3888
Exploit Prediction Score 42.94%
Default Action drop
Active
Affected OS Windows
Affected App SCADA