CVE-2019-6008 Information
Feb 14, 2021
cve
Description
An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00) Exaplog (R1.10.00 ? R3.40.00) Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00) Exaquantum/Batch (R1.01.00 ? R2.50.40) Exasmoc (all revisions) Exarqe (all revisions) GA10 (R1.01.01 ? R3.05.01) and InsightSuiteAE (R1.01.00 ? R1.06.00)) allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Reference
http://jvn.jp/vu/JVNVU98228725/index.html https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.8
Share on: