CVE-2025-1863
published 2025-04-18CVE-2025-1863: Insecure default settings have been found in recorder products provided by Yokogawa Electric Corporation. The default setting of the authentication function is…
PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.65%
46.4th percentile
Insecure default settings have been found in recorder products provided by Yokogawa Electric Corporation. The default setting of the authentication function is disabled on the affected products. Therefore, when connected to a network with default settings, anyone can access all functions related to settings and operations. As a result, an attacker can illegally manipulate and configure important data such as measured values and settings.
This issue affects GX10 / GX20 / GP10 / GP20 Paperless Recorders: R5.04.01 or earlier; GM Data Acquisition System: R5.05.01 or earlier; DX1000 / DX2000 / DX1000N Paperless Recorders: R4.21 or earlier; FX1000 Paperless Recorders: R1.31 or earlier; μR10000 / μR20000 Chart Recorders: R1.51 or earlier; MW100 Data Acquisition Units: All versions; DX1000T / DX2000T Paperless Recorders: All versions; CX1000 / CX2000 Paperless Recorders: All versions.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| yokogawa_electric_corporation | cx1000_cx2000_paperless_recorders | — | — |
| yokogawa_electric_corporation | dx1000_dx2000_dx1000n_paperless_recorders | — | — |
| yokogawa_electric_corporation | dx1000t_dx2000t_paperless_recorders | — | — |
| yokogawa_electric_corporation | fx1000_paperless_recorders | — | — |
| yokogawa_electric_corporation | gm_data_acquisition_system | — | — |
| yokogawa_electric_corporation | gx10_gx20_gp10_gp20_paperless_recorders | — | — |
| yokogawa_electric_corporation | mw100_data_acquisition_units | — | — |
| yokogawa_electric_corporation | r10000_r20000_chart_recorders | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Authentication is disabled by default on affected Yokogawa recorder products; any unauthenticated network request to device settings/operations endpoints should be treated as suspicious and investigated ↗
- →Detect unauthenticated access attempts to Yokogawa recorder HTTP/management interfaces on the network; absence of authentication headers/credentials in sessions targeting these devices is a key indicator ↗
- →Monitor for unauthorized changes to measured values or configuration settings on Yokogawa GX10, GX20, GP10, GP20, GM, DX1000, DX2000, DX1000N, FX1000, μR10000, μR20000, MW100, DX1000T, DX2000T, CX1000, CX2000 devices — such changes without a corresponding authenticated session indicate exploitation ↗
- ·Authentication is OFF by default on all affected product lines; devices must be manually configured to enable the login function before network connection ↗
- ·MW100 Data Acquisition Units, DX1000T/DX2000T Paperless Recorders, and CX1000/CX2000 Paperless Recorders have no patched firmware version available — all versions are affected and mitigation relies solely on enabling authentication and network isolation ↗
- ·Default passwords must be changed after enabling authentication; leaving the default password set after enabling the login function does not adequately mitigate the risk ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_redhat7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5rj6-rcrv-5v5p: Insecure default settings have been found in recorder products provided by Yokogawa Electric Corporation
ghsa_unreviewed·2025-04-18
CVE-2025-1863 [CRITICAL] CWE-1188 GHSA-5rj6-rcrv-5v5p: Insecure default settings have been found in recorder products provided by Yokogawa Electric Corporation
Insecure default settings have been found in recorder products provided by Yokogawa Electric Corporation. The default setting of the authentication function is disabled on the affected products. Therefore, when connected to a network with default settings, anyone can access all functions related to settings and operations. As a result, an attacker can illegally manipulate and configure important data such as measured values and settings.
This issue affects GX10 / GX20 / GP10 / GP20 Paperless Recorders: R5.04.01 or earlier; GM Data Acquisition System: R5.05.01 or earlier; DX1000 / DX2000 / DX1000N Paperless Recorders: R4.21 or earlier; FX1000 Paperless Recorders: R1.31 or earlier; μR10000 / μR20000 Chart Recorders: R1.51 or earlier; MW100 Data Acquisition Units: All versions; DX1000T / DX20
Red Hat
kernel: sctp: handle the error returned from sctp_auth_asoc_init_active_key
vendor_redhat·2025-09-15·CVSS 7.8
CVE-2022-50243 [HIGH] CWE-324 kernel: sctp: handle the error returned from sctp_auth_asoc_init_active_key
kernel: sctp: handle the error returned from sctp_auth_asoc_init_active_key
In the Linux kernel, the following vulnerability has been resolved:
sctp: handle the error returned from sctp_auth_asoc_init_active_key
When it returns an error from sctp_auth_asoc_init_active_key(), the
active_key is actually not updated. The old sh_key will be freeed
while it's still used as active key in asoc. Then an use-after-free
will be triggered when sending patckets, as found by syzbot:
sctp_auth_shkey_hold+0x22/0xa0 net/sctp/auth.c:112
sctp_set_owner_w net/sctp/socket.c:132 [inline]
sctp_sendmsg_to_asoc+0xbd5/0x1a20 net/sctp/socket.c:1863
sctp_sendmsg+0x1053/0x1d50 net/sctp/socket.c:2025
inet_sendmsg+0x99/0xe0 net/ipv4/af_inet.c:819
sock_sendmsg_nosec net/socket.c:714 [inline]
sock_sendmsg+0xcf/0x120 net
CISA ICS
Yokogawa Recorder Products
cisa_ics·2025-04-17·CVSS 9.8
[CRITICAL] Yokogawa Recorder Products
ICS Advisory
##
Yokogawa Recorder Products
Release DateApril 17, 2025
Alert CodeICSA-25-107-04
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 9.3
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Yokogawa
- Equipment: GX10, GX20, GP10, GP20, GM Data Acquisition System, DX1000, DX2000, DX1000N, FX1000, μR10000, μR20000, MW100, DX1000T, DX2000T, CX1000, CX2000
- Vulnerability: Missing Authentication for Critical Function
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to manipulate information on the affected products.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Yokogawa recorder p
No detection rules found.
No public exploits indexed.
2025-04-18
Published