Cyber Resilience

CVE-2022-33939

High

Published: 16 August 2022

Published
16 August 2022
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0026 50.0th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-33939 is a high-severity an unspecified weakness vulnerability in Yokogawa Centum Vp 3000 Cp401 Firmware. Its CVSS base score is 7.5 (High).

Operationally, ranked in the top 50.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP451) contains an issue in processing communication packets, which may lead to resource consumption. If this vulnerability is exploited, an attacker may cause a denial of service (DoS)…

more

condition in ADL communication by sending a specially crafted packet to the affected product.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

yokogawa
centum cs 3000 cp401 firmware
all versions
yokogawa
centum cs 3000 cp451 firmware
all versions
yokogawa
centum cs 3000 cp33 firmware
all versions
yokogawa
centum cs 3000 cp345 firmware
all versions
yokogawa
centum cs 3000 cp31 firmware
all versions
yokogawa
centum vp 3000 cp401 firmware
r4.01.00 — r4.03.00 · r5.01.00 — r5.04.78 · r6.01.00 — r6.03.10
yokogawa
centum vp 3000 cp451 firmware
r4.01.00 — r4.03.00 · r5.01.00 — r5.04.78 · r6.01.00 — r6.03.10

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References