Lucene search

7168b535-132a-4efe-a076-338f829b2eb9NVD:CVE-2023-5915

HistoryDec 01, 2023 - 7:15 a.m.

CVE-2023-5915

2023-12-0107:15:12

CWE-400

7168b535-132a-4efe-a076-338f829b2eb9

web.nvd.nist.gov

vulnerability

uncontrolled resource consumption

yokogawa electric corporation

stardom

denial-of-service

fcn

fcj

controller

crafted packet

maintenance homepage

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

41.8%

JSON

A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by Yokogawa Electric Corporation. This vulnerability may allow to a remote attacker to cause a denial-of-service condition to the FCN/FCJ controller by sending a crafted packet. While sending the packet, the maintenance homepage of the controller could not be accessed. Therefore, functions of the maintenance homepage, changing configuration, viewing logs, etc. are not available. But the controller’s operation is not stopped by the condition.

The affected products and versions are as follows: STARDOM FCN/FCJ R1.01 to R4.31.

Affected configurations

NVD

Node

yokogawastardom_fcjMatch-

AND

yokogawastardom_fcj_firmwareRanger1.01–r4.31

Node

yokogawastardom_fcnMatch-

AND

yokogawastardom_fcn_firmwareRanger1.01–r4.31

References

jvn.jp/vu/JVNVU95177889/index.html

web-material3.yokogawa.com/1/35463/files/YSAR-23-0003-E.pdf

www.cisa.gov/news-events/ics-advisories/icsa-23-334-02

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

41.8%

JSON

Related for NVD:CVE-2023-5915