Vulnerability Description
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for remote access to controllers.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yokogawa | Fcj Firmware | <= r4.10 |
| Yokogawa | Fcj | - |
| Yokogawa | Fcn-100 Firmware | <= r4.10 |
| Yokogawa | Fcn-100 | - |
| Yokogawa | Fcn-Rtu Firmware | <= r4.10 |
| Yokogawa | Fcn-Rtu | - |
| Yokogawa | Fcn-500 Firmware | <= r4.10 |
| Yokogawa | Fcn-500 | - |
Related Weaknesses (CWE)
References
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03Third Party AdvisoryUS Government Resource
- https://web-material3.yokogawa.com/YSAR-18-0007-E.pdfVendor Advisory
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03Third Party AdvisoryUS Government Resource
- https://web-material3.yokogawa.com/YSAR-18-0007-E.pdfVendor Advisory
FAQ
What is CVE-2018-17900?
CVE-2018-17900 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for r...
How severe is CVE-2018-17900?
CVE-2018-17900 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-17900?
Check the references section above for vendor advisories and patch information. Affected products include: Yokogawa Fcj Firmware, Yokogawa Fcj, Yokogawa Fcn-100 Firmware, Yokogawa Fcn-100, Yokogawa Fcn-Rtu Firmware.