Lucene search

PRIOn knowledge basePRION:CVE-2023-5915

HistoryDec 01, 2023 - 7:15 a.m.

Design/Logic Flaw

2023-12-0107:15:00

PRIOn knowledge base

www.prio-n.com

vulnerability

stardom

remote attacker

denial-of-service

controller

crafted packet

maintenance homepage

affected products.

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.8%

JSON

A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by Yokogawa Electric Corporation. This vulnerability may allow to a remote attacker to cause a denial-of-service condition to the FCN/FCJ controller by sending a crafted packet. While sending the packet, the maintenance homepage of the controller could not be accessed. Therefore, functions of the maintenance homepage, changing configuration, viewing logs, etc. are not available. But the controller’s operation is not stopped by the condition.

The affected products and versions are as follows: STARDOM FCN/FCJ R1.01 to R4.31.

CPENameOperatorVersion
stardom_fcj_firmwareeq>= r1.1 AND <= r4.31
stardom_fcn_firmwareeq>= r1.1 AND <= r4.31

CPE	Name	Operator	Version
	stardom_fcj_firmware	eq	>= r1.1 AND <= r4.31
	stardom_fcn_firmware	eq	>= r1.1 AND <= r4.31

References

jvn.jp/vu/JVNVU95177889/index.html

web-material3.yokogawa.com/1/35463/files/YSAR-23-0003-E.pdf

www.cisa.gov/news-events/ics-advisories/icsa-23-334-02