CVE-2024-5650
June 17, 2024, 12:42 p.m.
Tags
CVSS Score
Product(s) Impacted
CENTUM CAMS Log server
Yokogawa Electric Corporation
CENTUM CS 3000
- R3.08.10 - R3.09.50
CENTUM VP
- R4.01.00 - R4.03.00
- R5.01.00 - R5.04.20
- R6.01.00 - R6.11.10
Description
DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa Electric Corporation. If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to execute arbitrary programs with the authority of the SYSTEM account. The affected products and versions are as follows: CENTUM CS 3000 R3.08.10 to R3.09.50 CENTUM VP R4.01.00 to R4.03.00, R5.01.00 to R5.04.20, R6.01.00 to R6.11.10.
Weaknesses
Date
Published: June 17, 2024, 7:15 a.m.
Last Modified: June 17, 2024, 12:42 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
7168b535-132a-4efe-a076-338f829b2eb9
CVSS Data
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
Exploitability Score
Impact Score
Base Severity
HIGHCVSS Vector String
The CVSS vector string provides an in-depth view of the vulnerability metrics.
View Vector StringCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H