Yokogawa has released an update that addresses a resource management error vulnerability in its Vnet/IP Open Communication Driver, according to a report from NCCIC.
Successful exploitation of this remotely exploitable vulnerability, which JPCERT coordinated with Yokogawa, could allow an attacker to cause Vnet/IP network communications to controlled devices to become unavailable.
The following equipment and versions that use the Vnet/IP Open Communication Driver are affected:
• CENTUM CS 3000 (R3.05.00 – R3.09.50)
• CENTUM CS 3000 Entry Class (R3.05.00 – R3.09.50)
• CENTUM VP (R4.01.00 – R6.03.10)
• CENTUM VP Entry Class (R4.01.00 – R6.03.10)
• Exaopc (R3.10.00 – R3.75.00)
• PRM (R2.06.00 – R3.31.00)
• ProSafe-RS (R1.02.00 – R4.02.00)
• FAST/TOOLS (R9.02.00 – R10.02.00)
• B/M9000 VP (R6.03.01 – R8.01.90)
The vulnerability could allow an attacker to stop the communications functionality of the Vnet/IP Open Communication Driver, resulting in a denial of service.
CVE-2018-16196 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.
The product sees use in the critical manufacturing, energy, and food and agriculture sectors, and it is deployed on a global basis.
No known public exploits specifically target this vulnerability. However, an attacker with a low skill level could leverage the vulnerability.
Yokogawa recommends users of affected devices and versions update to the latest available release.
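To act on that recommendation, the affected ranges listed above can be checked against an asset inventory. The following is an added example, not Yokogawa's or NCCIC's code; it assumes revisions follow the `Rx.yy.zz` form shown in the list and order numerically field by field (so R10.01.00 sorts after R9.02.00), and the host names and inventory rows are constructed.

```python
import re

# Affected revision ranges (inclusive), copied from the list above.
AFFECTED = {
    "CENTUM CS 3000": ("R3.05.00", "R3.09.50"),
    "CENTUM CS 3000 Entry Class": ("R3.05.00", "R3.09.50"),
    "CENTUM VP": ("R4.01.00", "R6.03.10"),
    "CENTUM VP Entry Class": ("R4.01.00", "R6.03.10"),
    "Exaopc": ("R3.10.00", "R3.75.00"),
    "PRM": ("R2.06.00", "R3.31.00"),
    "ProSafe-RS": ("R1.02.00", "R4.02.00"),
    "FAST/TOOLS": ("R9.02.00", "R10.02.00"),
    "B/M9000 VP": ("R6.03.01", "R8.01.90"),
}

# Assumption: three numeric fields compared as integers, not as strings.
_REV = re.compile(r"^R(\d+)\.(\d+)\.(\d+)$", re.IGNORECASE)

def parse_revision(text):
    """Turn 'R10.02.00' into (10, 2, 0); return None if malformed."""
    m = _REV.match(text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def classify(product, revision):
    """Return 'affected', 'not-affected', 'unknown-product' or 'unparseable'."""
    key = {n.lower(): n for n in AFFECTED}.get(" ".join(product.split()).lower())
    if key is None:
        return "unknown-product"
    rev = parse_revision(revision)
    if rev is None:
        return "unparseable"  # needs manual review, never silently cleared
    low, high = (parse_revision(r) for r in AFFECTED[key])
    return "affected" if low <= rev <= high else "not-affected"

def triage(inventory):
    """Map each (host, product, revision) row to its classification."""
    return {host: classify(product, rev) for host, product, rev in inventory}

# Constructed sample inventory; host names and revisions are made up.
SAMPLE_INVENTORY = [
    ("hmi-02", "centum vp", "R6.04.00"),
    ("eng-01", "FAST/TOOLS", "R10.01.00"),
    ("eng-02", "FAST/TOOLS", "R9.01.00"),
    ("sis-01", "ProSafe-RS", "4.02"),
    ("opc-01", "Exaopc", "R3.75.00"),
]

if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY))
```

A plain string comparison would place "R10.01.00" before "R9.02.00" and clear the FAST/TOOLS host in error, which is why the revisions are parsed into integers first.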
Details about the products, affected revisions, and suggested mitigations are available in the Yokogawa Security Advisory Report YSAR-18-0008: Denial of service (DoS) vulnerability in Vnet/IP Open Communication Driver.
For questions related to this report and details regarding how to update to the newest revision, please visit the Yokogawa security website (registration required).