CVE-2014-5208
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2014-5208
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authentication, which allows remote attackers to read arbitrary files via a RETR operation, write to arbitrary files via a STOR operation, or obtain sensitive database-location information via a PMODE operation, a different vulnerability than CVE-2014-0784.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Yokogawa产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Yokogawa CENTUM CS等都是日本横河电机(Yokogawa)公司的产品。Yokogawa CENTUM CS和CENTUM VP都是大型生产控制系统。Exaopc是一款OPC数据访问服务器。 多款Yokogawa产品的Batch Management Packages中的BKBCopyD.exe文件存在安全漏洞,该漏洞源于程序没有要求身份验证。远程攻击者可借助RETR操作利用该漏洞读取任意文件;借助STOR操作利用该漏洞写入任意文件;借助PMODE操作利用该漏洞获取敏感的database-l
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2014-5208
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2014-5208
Please Login to view more intelligence information
- http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0003E.pdfx_refsource_CONFIRM
- https://ics-cert.us-cert.gov/advisories/ICSA-14-260-01Ax_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2014-5208
Same Patch Batch · n/a · 2014-12-22 · 10 CVEs total
| CVE-2014-8015 | Cisco Identity Services Engine Sponsor Portal 权限许可和访问控制漏洞 | |
| CVE-2014-8017 | Cisco Identity Services Engine periodic-backup功能信息泄露漏洞 | |
| CVE-2014-8018 | Cisco Unified Communications Domain Manager 跨站脚本漏洞 | |
| CVE-2014-8992 | Modx Revolution 跨站脚本漏洞 | |
| CVE-2014-8896 | IBM InfoSphere MDM Server for PIM和InfoSphere MDM - Collaborative Edition 授权问题漏洞 | |
| CVE-2014-8897 | IBM InfoSphere MDM Server for PIM和InfoSphere MDM - Collaborative Edition 跨站脚本漏洞 | |
| CVE-2014-8898 | IBM InfoSphere MDM Server for PIM和InfoSphere MDM - Collaborative Edition 跨站脚本漏洞 | |
| CVE-2014-8899 | IBM InfoSphere MDM Server for PIM和InfoSphere MDM - Collaborative Edition 跨站脚本漏洞 | |
| CVE-2014-7286 | Symantec Deployment Solution 缓冲区溢出漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2014-5208
No comments yet