CVE-2022-22729

CVE-2022-22729

Vendor Yokogawa Electric Corporation
Product CENTUM CS 3000
Weakness CWE-302
Published March 11, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

CAMS for HIS Server contained in the following Yokogawa Electric products improperly authenticate the receiving packets. The authentication may be bypassed via some crafted packets: CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, and Exaopc versions from R3.72.00 to R3.79.00.

Key dates

02Disclosure timeline

March 11, 2022 CVE published
August 3, 2024 Record updated