Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authentication, which allows remote attackers to read arbitrary files via a RETR operation, write to arbitrary files via a STOR operation, or obtain sensitive database-location information via a PMODE operation, a different vulnerability than CVE-2014-0784.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Yokogawa产品安全漏洞
Vulnerability Description
Yokogawa CENTUM CS等都是日本横河电机(Yokogawa)公司的产品。Yokogawa CENTUM CS和CENTUM VP都是大型生产控制系统。Exaopc是一款OPC数据访问服务器。 多款Yokogawa产品的Batch Management Packages中的BKBCopyD.exe文件存在安全漏洞,该漏洞源于程序没有要求身份验证。远程攻击者可借助RETR操作利用该漏洞读取任意文件;借助STOR操作利用该漏洞写入任意文件;借助PMODE操作利用该漏洞获取敏感的database-l
CVSS Information
N/A
Vulnerability Type
N/A