Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-17902 | 1 Yokogawa | 8 Fcj, Fcj Firmware, Fcn-100 and 5 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The application utilizes multiple methods of session management which could result in a denial of service to the remote management functions. | |||||
CVE-2018-17900 | 1 Yokogawa | 8 Fcj, Fcj Firmware, Fcn-100 and 5 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for remote access to controllers. | |||||
CVE-2018-17898 | 1 Yokogawa | 8 Fcj, Fcj Firmware, Fcn-100 and 5 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The controller application fails to prevent memory exhaustion by unauthorized requests. This could allow an attacker to cause the controller to become unstable. | |||||
CVE-2018-17896 | 1 Yokogawa | 8 Fcj, Fcj Firmware, Fcn-100 and 5 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The affected controllers utilize hard-coded credentials which may allow an attacker gain unauthorized access to the maintenance functions and obtain or modify information. This attack can be executed only during maintenance work. | |||||
CVE-2018-10592 | 1 Yokogawa | 8 Fcj, Fcj Firmware, Fcn-100 and 5 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that could allow an attacker to gain unauthorized administrative access to the device, which could result in remote code execution. |