Vulnerability Description
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that could allow an attacker to gain unauthorized administrative access to the device, which could result in remote code execution.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yokogawa | Fcj Firmware | <= r4.02 |
| Yokogawa | Fcj | - |
| Yokogawa | Fcn-100 Firmware | <= r4.02 |
| Yokogawa | Fcn-100 | - |
| Yokogawa | Fcn-Rtu Firmware | <= r4.02 |
| Yokogawa | Fcn-Rtu | - |
| Yokogawa | Fcn-500 Firmware | <= r4.02 |
| Yokogawa | Fcn-500 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/104376Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03Third Party AdvisoryUS Government Resource
- https://web-material3.yokogawa.com/1/6712/details/YSAR-18-0004-E.pdfVendor Advisory
- http://www.securityfocus.com/bid/104376Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03Third Party AdvisoryUS Government Resource
- https://web-material3.yokogawa.com/1/6712/details/YSAR-18-0004-E.pdfVendor Advisory
FAQ
What is CVE-2018-10592?
CVE-2018-10592 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that ...
How severe is CVE-2018-10592?
CVE-2018-10592 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-10592?
Check the references section above for vendor advisories and patch information. Affected products include: Yokogawa Fcj Firmware, Yokogawa Fcj, Yokogawa Fcn-100 Firmware, Yokogawa Fcn-100, Yokogawa Fcn-Rtu Firmware.