CVE-2024-4106

🗓️ 26 Jun 2024 05:30:33Reported by YokogawaGroupType

Vulnerability in FAST/TOOLS and CI Server due to built-in accounts with no password

Reporter	Title	Published	Views	Family All 6
CNNVD	Yokogawa FAST/TOOLS Security Breach	26 Jun 202400:00	–	cnnvd
Cvelist	CVE-2024-4106	26 Jun 202405:30	–	cvelist
EUVD	EUVD-2024-32668	3 Oct 202520:07	–	euvd
ICS	Yokogawa FAST/TOOLS and CI Server	27 Jun 202406:00	–	ics
NVD	CVE-2024-4106	26 Jun 202406:15	–	nvd
Vulnrichment	CVE-2024-4106	26 Jun 202405:30	–	vulnrichment

[
  {
    "defaultStatus": "unknown",
    "product": "FAST/TOOLS",
    "vendor": "Yokogawa Electric Corporation",
    "versions": [
      {
        "lessThanOrEqual": "R10.04",
        "status": "affected",
        "version": "R9.01",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unknown",
    "product": "CI Server",
    "vendor": "Yokogawa Electric Corporation",
    "versions": [
      {
        "lessThanOrEqual": "R1.03.00",
        "status": "affected",
        "version": "R1.01.00",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
web-material3	www.web-material3.yokogawa.com/1/36059/files/YSAR-24-0001-E.pdf

15 Apr 2026 00:35Current

7High risk

Vulners AI Score7

CVSS 3.15.3

EPSS0.00091

SSVC

CWE-258

vulnerability fast/tools ci server built-in accounts no passwords attacker product security cve-2024-4106