Detections
Analytics

Yokogawa (CVE-2018-16196)

high Tenable OT Security Plugin ID 500115

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver's communication via unspecified vectors.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

https://web-material3.yokogawa.com/YSAR-18-0008-E.pdf

https://jvn.jp/vu/JVNVU93652047/index.html

http://www.securityfocus.com/bid/106442

Plugin Details

Severity: High

ID: 500115

File Name: tenable_ot_yokogawa_CVE-2018-16196.nasl

Version: 1.12

Type: Remote

Family: Tenable.ot

Published: 2/7/2022

Updated: 6/18/2026

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2018-16196

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: cpe:/o:yokogawa:centum_cs_3000_firmware, cpe:/o:yokogawa:centum_vp_firmware

Required KB Items: Tenable.ot/Yokogawa

Exploit Ease: No known exploits are available

Patch Publication Date: 1/9/2019

Vulnerability Publication Date: 1/9/2019

Reference Information

CVE: CVE-2018-16196

CWE: 20

ICSA: 19-003-02