Yokogawa Fcj Firmware vulnerabilities
5 known vulnerabilities affecting yokogawa/fcj_firmware.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-10592P2CRITICALCVSS 9.8≤ r4.022018-07-31
CVE-2018-10592 [CRITICAL] CWE-798 CVE-2018-10592: Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU contr
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that could allow an attacker to gain unauthorized administrative access to the device, which could result in remote code execution.
nvd
CVE-2018-17900P3CRITICALCVSS 9.8≤ r4.102018-10-12
CVE-2018-17900 [CRITICAL] CWE-522 CVE-2018-17900: Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web a
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for remote access to controllers.
nvd
CVE-2018-17896P3HIGHCVSS 8.1≤ r4.102018-10-12
CVE-2018-17896 [HIGH] CWE-798 CVE-2018-17896: Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The affec
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The affected controllers utilize hard-coded credentials which may allow an attacker gain unauthorized access to the maintenance functions and obtain or modify information. This attack can be executed only during maintenance work.
nvd
CVE-2018-17898P3HIGHCVSS 7.5≤ r4.102018-10-12
CVE-2018-17898 [HIGH] CWE-400 CVE-2018-17898: Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The contro
Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The controller application fails to prevent memory exhaustion by unauthorized requests. This could allow an attacker to cause the controller to become unstable.
nvd
CVE-2018-17902P4MEDIUMCVSS 5.3≤ r4.102018-10-12
CVE-2018-17902 [MEDIUM] CWE-384 CVE-2018-17902: Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The appli
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The application utilizes multiple methods of session management which could result in a denial of service to the remote management functions.
nvd