CVE-2025-7741

Hardcoded Password Vulnerability have been found in CENTUM. Affected products contain a hardcoded password for the user account PROG used for CENTUM Authentication Mode within the system. Under the following conditions, there is a risk that an attacker could log in as the PROG user. The default...

Vulnerability fixed in Yokogawa Centum controller FCS products

Yokogawa has fixed a vulnerability in Centum controller FCS products. A malicious party could potentially exploit it to cause a denial-of-service. To exploit the vulnerability, the malicious party needs access to the production infrastructure. It is good practice not to have such infrastructure...

The vulnerability of the BKBCopyD.exe component in Yokogawa’s software products allows a hacker to execute arbitrary code with user privileges of the CENTUM system.

The vulnerability of the “BKBCopyD.exe” service in Yokogawa’s software products is caused by buffer overflow based on a stack. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code with user privileges of CENTUM, by sending a specially created package to...

The vulnerability of the BKHOdeq.exe component in Yokogawa’s software products allows a hacker to execute arbitrary code with user privileges of the CENTUM system.

The vulnerability of the “BKHOdeq.exe” service in Yokogawa’s software products is caused by a buffer overflow based on a stack. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code with user privileges of CENTUM, by sending a specially created package to...