CVE-2018-10592
published 2018-07-31

CVE-2018-10592: Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and…

Priority: P265, critical, 9.8 (CVSS 3.0)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 6.94% (93.3rd percentile)
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that could allow an attacker to gain unauthorized administrative access to the device, which could result in remote code execution.

Affected

8 ranges
Vendor    Product                      Version range  Fixed in
yokogawa  fcj_firmware                 <= r4.02
yokogawa  fcn-100_firmware             <= r4.02
yokogawa  fcn-500_firmware             <= r4.02
yokogawa  fcn-rtu_firmware             <= r4.02
yokogawa  stardom_fcj_controllers
yokogawa  stardom_fcn-100_controllers
yokogawa  stardom_fcn-500_controllers
yokogawa  stardom_fcn-rtu_controllers

Detection & IOCs (extracted from sources)

  • CVE-2018-10592 involves hard-coded credentials on Yokogawa STARDOM FCJ, FCN-100, FCN-RTU, and FCN-500 controllers (R4.02 and prior, later extended to R4.10 and prior); detect unauthorized administrative access attempts leveraging static credentials against these devices
  • Exploitation is remotely possible with low skill level required; monitor for unexpected administrative sessions or remote code execution activity on STARDOM controller management interfaces
  • No known public exploits specifically target this vulnerability as of advisory publication; prioritize detection of anomalous authentication successes on affected controllers rather than known exploit signatures
  • The hard-coded credential vulnerability (CVE-2018-10592) is NOT fully remediated by upgrading to R4.20; Yokogawa instead recommends packet filtering and network communication restrictions as the primary mitigation for this specific CVE
  • A companion vulnerability, CVE-2018-17896, also involves hard-coded credentials but is scoped to maintenance functions and requires user interaction; do not conflate it with CVE-2018-10592, which requires no interaction and no privileges

CVSS provenance

nvd  v3.0  9.8   CRITICAL  CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd  v2.0  10.0  CRITICAL  AV:N/AC:L/Au:N/C:C/I:C/A:C