CVE-2019-6008
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An unquoted search path vulnerability in Multiple Yokogawa products for Windows (Exaopc (R1.01.00 ? R3.77.00), Exaplog (R1.10.00 ? R3.40.00), Exaquantum (R1.10.00 ? R3.02.00 and R3.15.00), Exaquantum/Batch (R1.01.00 ? R2.50.40), Exasmoc (all revisions), Exarqe (all revisions), GA10 (R1.01.01 ? R3.05.01), and InsightSuiteAE (R1.01.00 ? R1.06.00)) allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges.
Una vulnerabilidad de ruta de búsqueda sin comillas en varios productos de Yokogawa para Windows (Exaopc (R1.01.00 hasta R3.77.00), Exaplog (R1.10.00 hasta R3.40.00), Exaquantum (R1.10.00 hasta R3.02.00 y R3.15.00), Exaquantum/Batch (R1.01.00 hasta R2.50.40), Exasmoc (todas las revisiones), Exarqe (todas las revisiones), GA10 (R1.01.01 hasta R3.05.01) e InsightSuiteAE (R1.01.00 hasta R1.06.00)), permite a usuarios locales alcanzar privilegios por medio de un archivo ejecutable de tipo caballo de Troya y ejecutar código arbitrario con privilegios elevados.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-10 CVE Reserved
- 2019-12-26 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-428: Unquoted Search Path or Element
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://jvn.jp/vu/JVNVU98228725/index.html | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list | 2020-01-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Yokogawa Search vendor "Yokogawa" | Exaopc Search vendor "Yokogawa" for product "Exaopc" | >= r1.01.00 <= r3.77.00 Search vendor "Yokogawa" for product "Exaopc" and version " >= r1.01.00 <= r3.77.00" | windows |
Affected
| ||||||
| Yokogawa Search vendor "Yokogawa" | Exaplog Search vendor "Yokogawa" for product "Exaplog" | >= r1.10.00 <= r3.30.00 Search vendor "Yokogawa" for product "Exaplog" and version " >= r1.10.00 <= r3.30.00" | windows |
Affected
| ||||||
| Yokogawa Search vendor "Yokogawa" | Exaquantum Search vendor "Yokogawa" for product "Exaquantum" | >= r1.10.00 <= r3.02.00 Search vendor "Yokogawa" for product "Exaquantum" and version " >= r1.10.00 <= r3.02.00" | windows |
Affected
| ||||||
| Yokogawa Search vendor "Yokogawa" | Exaquantum\/batch Search vendor "Yokogawa" for product "Exaquantum\/batch" | >= r1.01.00 <= r2.50.40 Search vendor "Yokogawa" for product "Exaquantum\/batch" and version " >= r1.01.00 <= r2.50.40" | windows |
Affected
| ||||||
| Yokogawa Search vendor "Yokogawa" | Exarqe Search vendor "Yokogawa" for product "Exarqe" | * | windows |
Affected
| ||||||
| Yokogawa Search vendor "Yokogawa" | Exasmoc Search vendor "Yokogawa" for product "Exasmoc" | * | windows |
Affected
| ||||||
| Yokogawa Search vendor "Yokogawa" | Ga10 Search vendor "Yokogawa" for product "Ga10" | >= r1.01.01 <= r3.05.01 Search vendor "Yokogawa" for product "Ga10" and version " >= r1.01.01 <= r3.05.01" | windows |
Affected
| ||||||
| Yokogawa Search vendor "Yokogawa" | Insightsuiteae Search vendor "Yokogawa" for product "Insightsuiteae" | >= r1.01.00 <= r1.06.00 Search vendor "Yokogawa" for product "Insightsuiteae" and version " >= r1.01.00 <= r1.06.00" | windows |
Affected
| ||||||