Vulnerabilities > Yokogawa

DATE CVE VULNERABILITY TITLE RISK
2023-12-01 CVE-2023-5915 Unspecified vulnerability in Yokogawa Stardom FCJ Firmware and Stardom FCN Firmware
A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by Yokogawa Electric Corporation. This vulnerability may allow to a remote attacker to cause a denial-of-service condition to the FCN/FCJ controller by sending a crafted packet.
network
low complexity
yokogawa
5.3
2023-04-11 CVE-2023-26593 Cleartext Storage of Sensitive Information vulnerability in Yokogawa products
CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information.
local
low complexity
yokogawa CWE-312
7.8
2022-10-24 CVE-2022-40984 Out-of-bounds Write vulnerability in Yokogawa Wtviewere 761941 and Wtviewerefree
Stack-based buffer overflow in WTViewerE series WTViewerE 761941 from 1.31 to 1.61 and WTViewerEfree from 1.01 to 1.52 allows an attacker to cause the product to crash by processing a long file name.
network
low complexity
yokogawa CWE-787
critical
9.8
2022-08-16 CVE-2022-33939 Unspecified vulnerability in Yokogawa products
CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP451) contains an issue in processing communication packets, which may lead to resource consumption.
network
low complexity
yokogawa
7.5
2022-07-04 CVE-2022-32284 Use of Insufficiently Random Values vulnerability in Yokogawa Aw810D Firmware R12
Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of YOKOGAWA Wide Area Communication Router (WAC Router) AW810D, which may allow a remote attacker to cause denial-of-service (DoS) condition by sending a specially crafted packet.
network
low complexity
yokogawa CWE-330
7.8
2022-06-28 CVE-2022-29519 Cleartext Transmission of Sensitive Information vulnerability in Yokogawa Stardom FCJ Firmware and Stardom FCN Firmware
Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
7.9
2022-06-28 CVE-2022-30707 Unspecified vulnerability in Yokogawa products
Violation of secure design principles exists in the communication of CAMS for HIS.
low complexity
yokogawa
8.8
2022-06-28 CVE-2022-30997 Use of Hard-coded Credentials vulnerability in Yokogawa Stardom FCJ Firmware and Stardom FCN Firmware
Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware.
network
low complexity
yokogawa CWE-798
7.2
2022-04-15 CVE-2022-26034 Improper Authentication vulnerability in Yokogawa B/M9000 VP and Centum VP
Improper authentication vulnerability in the communication protocol provided by AD (Automation Design) server of CENTUM VP R6.01.10 to R6.09.00, CENTUM VP Small R6.01.10 to R6.09.00, CENTUM VP Basic R6.01.10 to R6.09.00, and B/M9000 VP R8.01.01 to R8.03.01 allows an attacker to use the functions provided by AD server.
network
yokogawa CWE-287
5.8
2022-04-15 CVE-2022-27188 OS Command Injection vulnerability in Yokogawa B/M9000 VP and Centum VP
OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute an arbitrary OS command by altering a file generated using Graphic Builder.
4.4