Vulnerability Details : CVE-2014-0784
Public exploit exists!
Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
Vulnerability category: Overflow, Execute code
Exploit prediction scoring system (EPSS) score for CVE-2014-0784
Probability of exploitation activity in the next 30 days: 32.86%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 %
Metasploit modules for CVE-2014-0784
- Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow
  Disclosure Date: 2014-03-10
  First seen: 2020-04-26
  exploit/windows/scada/yokogawa_bkbcopyd_bof
  This module exploits a stack based buffer overflow in Yokogawa CENTUM CS 3000. The vulnerability exists in the service BKBCopyD.exe when handling specially crafted packets. This module has been tested successfully on Yokogawa CENTUM CS 3000 R3.08.50 over Windows XP SP3.
CVSS scores for CVE-2014-0784
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
8.3 | HIGH | AV:N/AC:M/Au:N/C:P/I:P/A:C | 8.6 | 8.5 | NIST |
CWE ids for CVE-2014-0784
- The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-0784
- https://community.rapid7.com/community/metasploit/blog/2014/03/10/yokogawa-centum-cs3000-vulnerabilities
  R7-2013-19 Disclosure: Yokogawa CENTUM CS 3000 Vulnerabilities (Exploit)
- http://www.securityfocus.com/bid/66114
  Yokogawa CENTUM CS3000 'BKBCopyD.exe' Stack Based Buffer Overflow Vulnerability (Exploit)
- http://ics-cert.us-cert.gov/advisories/ICSA-14-070-01
  Third Party Advisory; US Government Resource
Products affected by CVE-2014-0784
- cpe:2.3:a:yokogawa:centum_cs_3000:*:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:centum_cs_3000:r3.07:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:centum_cs_3000:r3.06:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:centum_cs_3000:r3.05:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:centum_cs_3000:r3.04:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.70:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:centum_cs_3000:r3.08:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:centum_cs_3000:r3.03:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:centum_cs_3000:r3.01:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:centum_cs_3000:r3.09:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:centum_cs_3000:r3.08.50:*:*:*:*:*:*:*
- cpe:2.3:a:yokogawa:centum_cs_3000:r3.02:*:*:*:*:*:*:*