SCADA: Yokogawa BKFSim CVE-2014-3888 Stack Buffer Overflow
This signature detects an attempt to exploit a known vulnerability against Yokogawa SCADA based application. Successful exploitation could allow an attacker to craft a malicious packet, crash the running service and could lead to further attacks.
Extended Description
Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attackers to execute arbitrary code via a crafted packet.
Affected Products
Yokogawa exaopc
Short Name
SCADA:YOKOGAWA-STACK-OF
Severity
Major
Recommended
True
Recommended Action
Drop
Category
SCADA
Keywords
BKFSim Buffer CVE-2014-3888 Overflow Stack Yokogawa bid:68428
Release Date
02/03/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
Port
UDP/20010
False Positive
Unknown
Vendors
Yokogawa
CVSS Score
8.3