An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00), Exaplog (R1.10.00 ? R3.40.00), Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00), Exaquantum/Batch (R1.01.00 ? R2.50.40), Exasmoc (all revisions), Exarqe (all revisions), GA10 (R1.01.01 ? R3.05.01), and InsightSuiteAE (R1.01.00 ? R1.06.00)) allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges.
References
Link | Resource |
---|---|
http://jvn.jp/vu/JVNVU98228725/index.html | Third Party Advisory |
https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/ | Vendor Advisory |
http://jvn.jp/vu/JVNVU98228725/index.html | Third Party Advisory |
https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 04:45
Type | Values Removed | Values Added |
---|---|---|
References | () http://jvn.jp/vu/JVNVU98228725/index.html - Third Party Advisory | |
References | () https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/ - Vendor Advisory |
Information
Published : 2019-12-26 16:15
Updated : 2024-11-21 04:45
NVD link : CVE-2019-6008
Mitre link : CVE-2019-6008
CVE.ORG link : CVE-2019-6008
JSON object : View
Products Affected
yokogawa
- exaquantum
- exaopc
- exaplog
- exaquantum\/batch
- ga10
- insightsuiteae
- exarqe
- exasmoc
CWE
CWE-428
Unquoted Search Path or Element