Vulnerabilities > Yokogawa > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-11 | CVE-2023-26593 | Cleartext Storage of Sensitive Information vulnerability in Yokogawa products CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information. | 7.8 |
2022-08-16 | CVE-2022-33939 | Unspecified vulnerability in Yokogawa products CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP451) contains an issue in processing communication packets, which may lead to resource consumption. | 7.5 |
2022-07-04 | CVE-2022-32284 | Use of Insufficiently Random Values vulnerability in Yokogawa Aw810D Firmware R12 Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of YOKOGAWA Wide Area Communication Router (WAC Router) AW810D, which may allow a remote attacker to cause denial-of-service (DoS) condition by sending a specially crafted packet. | 7.8 |
2022-06-28 | CVE-2022-29519 | Cleartext Transmission of Sensitive Information vulnerability in Yokogawa Stardom FCJ Firmware and Stardom FCN Firmware Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware. | 7.9 |
2022-06-28 | CVE-2022-30707 | Unspecified vulnerability in Yokogawa products Violation of secure design principles exists in the communication of CAMS for HIS. low complexity yokogawa | 8.8 |
2022-06-28 | CVE-2022-30997 | Use of Hard-coded Credentials vulnerability in Yokogawa Stardom FCJ Firmware and Stardom FCN Firmware Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware. | 7.2 |
2022-03-18 | CVE-2020-16232 | Classic Buffer Overflow vulnerability in Yokogawa Widefield3 In Yokogawa WideField3 R1.01 - R4.03, a buffer overflow could be caused when a user loads a maliciously crafted project file. | 7.5 |
2022-03-11 | CVE-2022-23402 | Use of Hard-coded Credentials vulnerability in Yokogawa products The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00 | 7.5 |
2020-08-05 | CVE-2020-5609 | Path Traversal vulnerability in Yokogawa products Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors. | 7.5 |
2020-08-05 | CVE-2020-5608 | Improper Authentication vulnerability in Yokogawa products CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered communication packets via unspecified vectors. | 7.5 |