Detections
Analytics
Yokogawa CAMS for HIS Violation of Secure Design Principles (CVE-2022-30707)
high Tenable OT Security Plugin ID 500663
Synopsis
The remote OT asset is affected by a vulnerability.Description
Violation of secure design principles exists in the communication of CAMS for HIS. Affected products and versions are CENTUM series where LHS4800 is installed (CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00), CENTUM series where CAMS function is used (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R4.01.00 to R4.03.00), CENTUM series regardless of the use of CAMS function (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R5.01.00 to R5.04.20 and R6.01.00 to R6.09.00), Exaopc R3.72.00 to R3.80.00 (only if NTPF100-S6 'For CENTUM VP Support CAMS for HIS' is installed), B/M9000 CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01). If an adjacent attacker successfully compromises a computer using CAMS for HIS software, they can use credentials from the compromised machine to access data from another machine using CAMS for HIS software. This can lead to a disabling of CAMS for HIS software functions on any affected machines, or information disclosure/alteration.- Violation of secure design principles exists in the communication of CAMS for HIS. Affected products and versions are CENTUM series where LHS4800 is installed (CENTUM CS 3000 and CENTUM CS 3000 Small R3.08.10 to R3.09.00), CENTUM series where CAMS function is used (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R4.01.00 to R4.03.00), CENTUM series regardless of the use of CAMS function (CENTUM VP, CENTUM VP Small, and CENTUM VP Basic R5.01.00 to R5.04.20 and R6.01.00 to R6.09.00), Exaopc R3.72.00 to R3.80.00 (only if NTPF100-S6 'For CENTUM VP Support CAMS for HIS' is installed), B/M9000 CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01). If an adjacent attacker successfully compromises a computer using CAMS for HIS software, they can use credentials from the compromised machine to access data from another machine using CAMS for HIS software. This can lead to a disabling of CAMS for HIS software functions on any affected machines, or information disclosure/alteration. (CVE-2022-30707)
This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.Yokogawa has produced the following mitigations for the affected products:
- CENTUM CS 3000 (Including CENTUM CS 3000 Entry Class):
- No software patch will be made available as these products are end-of-life. Upgrade systems to the latest version of CENTUM VP.
- CENTUM VP (Including CENTUM VP Entry Class):
- Versions R4.01.00 through R4.03.00, and R5.01.00 through R5.04.20
- No software patch will be made available as these products are end-of-life. Consider upgrading systems to the latest version of CENTUM VP.
- Versions R6.01.00 through R6.09.00
- Update systems to Version R6.09.00 and apply software patch R6.09.03
- Exaopc:
- Update systems to Version R3.80.00 and apply software patch R3.80.01
- B/M9000CS and B/M9000 VP:
- These products are not directly affected by the vulnerability. However, these products are affected if CENTUM is installed on the same PC. If CENTUM is installed, update as described above. Also update B/M9000 to the latest version.
Please see Yokogawa Security Advisory Report YSAR-22-0006 at the following locations for more information:
English
Japanese
For questions related to these mitigations, please contact Yokogawa.
See Also
https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-02
https://web-material3.yokogawa.com/19/32780/files/YSAR-22-0006-J.pdf
https://jvn.jp/vu/JVNVU92819891/index.html
https://web-material3.yokogawa.com/1/32780/files/YSAR-22-0006-E.pdf
Plugin Details
Severity: High
ID: 500663
Version: 1.8
Type: remote
Family: Tenable.ot
Published: 7/15/2022
Updated: 3/4/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 5.4
Temporal Score: 4
Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2022-30707
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.7
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:yokogawa:centum_cs_3000_entry_class_firmware, cpe:/o:yokogawa:centum_cs_3000_firmware, cpe:/o:yokogawa:centum_vp_entry_class_firmware:r4, cpe:/o:yokogawa:centum_vp_entry_class_firmware:r5, cpe:/o:yokogawa:centum_vp_entry_class_firmware:r6, cpe:/o:yokogawa:centum_vp_firmware:r4, cpe:/o:yokogawa:centum_vp_firmware:r5, cpe:/o:yokogawa:centum_vp_firmware:r6
Required KB Items: Tenable.ot/Yokogawa
Exploit Ease: No known exploits are available
Patch Publication Date: 6/28/2022
Vulnerability Publication Date: 6/28/2022
Reference Information
CVE: CVE-2022-30707