CVE Tools
Sign in

BDU:2022-03206

Published: May 30, 2022Updated: May 30, 2022 Sources: BDUCWE-657Нарушение принципов безопасного проектирования
NVD MITRE
6.4CVSSMEDIUM
EPSS Score
N/A
CISA KEV
Not in KEV
Exploits
No Known Exploits
Remediation
Patch Available

Description

Уязвимость компонента управления аварийными сообщениями и событиями CAMS for HIS распределенных систем управления CENTUM связана с нарушением принципов безопасного проектирования. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить доступ к защищаемой информации или вызвать отказ в обслуживании

CVSS Vector Breakdown

AV:AAC:HC:LI:LA:H
Exploitability
AV:AAccess Vector
Adjacent Network
AC:HAccess Complexity
High
Impact
C:LConfidentiality
L
I:LIntegrity
L
A:HAvailability
H
Open in CVSS calculator →

Weaknesses

CWE-657Нарушение принципов безопасного проектирования

Affected Products

CENTUM VPYokogawa Electric CorporationICS / OT / IoT
B/M9000CSYokogawa Electric CorporationICS / OT / IoT
B/M9000 VPYokogawa Electric CorporationICS / OT / IoT
CENTUM CS 3000Yokogawa Electric CorporationICS / OT / IoT
CENTUM CS 3000 Entry ClassYokogawa Electric CorporationICS / OT / IoT
yokogawa electric corporationcommercialJPICS / OT / IoTaka yokogawa
and 1 more affected products View all →

Exploitability

Official Patch Available

References

https://web-material3.yokogawa.com/1/32780/files/YSAR-22-0006-E.pdf?_ga=2.153927800.1362106667.1653626671-1339000462.1653626671
web-material3.yokogawa.com
News mentions
Could not load news mentions.

Unlock Complete Vulnerability Intelligence

Get the full picture for BDU:2022-03206 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows