Lucene search
K

34 matches found

Prion
Prion
added 2022/06/28 1:15 p.m.23 views

Design/Logic Flaw

Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware...

7.9CVSS7.3AI score0.00377EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2022/06/28 10:6 a.m.28 views

CVE-2022-30997

Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware...

7.3AI score0.01428EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/06/28 10:6 a.m.17 views

CVE-2022-30997

Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware...

7AI score0.01428EPSS
Exploits0References4
CVE
CVE
added 2022/06/28 10:6 a.m.84 views

CVE-2022-30997

CVE-2022-30997 affects Yokogawa STARDOM FCN/FCJ controllers (R4.10–R4.31). The root cause is hard-coded credentials, enabling an attacker with administrative privileges to read/change configuration settings or update the controller with tampered firmware. Public sources from NVD/Red Hat add detai...

9CVSS7AI score0.01428EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2022/06/28 10:5 a.m.76 views

CVE-2022-29519

CVE-2022-29519 affects Yokogawa STARDOM FCN/FCJ controllers (R1.01–R4.31; dual CPU modules R4.10–R4.31) and involves cleartext transmission of sensitive information, enabling an adjacent attacker to read/alter configuration or tamper firmware. The issue is complemented by CVE-2022-30997 (hard-cod...

7.9CVSS7.3AI score0.00377EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2022/06/28 10:5 a.m.30 views

CVE-2022-29519

Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware...

7.5AI score0.00377EPSS
Exploits0References4
NVD
NVD
added 2018/10/12 2:29 p.m.18 views

CVE-2018-17900

Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for remote access to controllers...

9.8CVSS9.5AI score0.01865EPSS
Exploits0References2
CVE
CVE
added 2018/10/12 2:0 p.m.52 views

CVE-2018-17902

The CVE-2018-17902 entry applies to Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, and FCN-500 (R4.10 and prior). The issue is due to multiple session-management methods that could lead to a denial of service of remote management functions (Session Fixation/Wrong handling). The ICS advisory ...

5.3CVSS5.3AI score0.01107EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/10/12 2:0 p.m.59 views

CVE-2018-17900

Yokogawa STARDOM Controllers (FCJ, FCN-100, FCN-RTU, FCN-500; all versions R4.10 and prior) are affected by CVE-2018-17900 due to the web application’s insufficient protection of credentials, enabling an attacker to obtain remote-access credentials. The issue stems from inadequate credential hand...

9.8CVSS9.2AI score0.01865EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/10/12 2:0 p.m.62 views

CVE-2018-17896

CVE-2018-17896 affects Yokogawa STARDOM controllers FCJ, FCN-100, FCN-RTU, FCN-500 (versions R4.10 and earlier). The vulnerability stems from hard-coded credentials that could allow an attacker to gain unauthorized maintenance access and view/modify information, with exploitation possible during ...

9.3CVSS8AI score0.01215EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/10/12 2:0 p.m.57 views

CVE-2018-17898

CVE-2018-17898 affects Yokogawa STARDOM Controllers (FCJ, FCN-100, FCN-RTU, FCN-500) on R4.10 and earlier. The issue is memory exhaustion caused by unauthorized requests, potentially making the controller unstable. Update/mitigation: Yokogawa states the memory exhaustion vulnerability is addresse...

7.8CVSS7.3AI score0.0125EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2016/09/19 1:59 a.m.15 views

CVE-2016-4860

Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication for Logic Designer connections, which allows remote attackers to reconfigure the device or cause a denial of service via a 1 stop application program, 2 change value, or 3 modify application command...

7.5CVSS7.3AI score0.02649EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/09/19 1:0 a.m.23 views

CVE-2016-4860

Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication for Logic Designer connections, which allows remote attackers to reconfigure the device or cause a denial of service via a 1 stop application program, 2 change value, or 3 modify application command...

7.3AI score0.02649EPSS
Exploits0References3
CVE
CVE
added 2016/09/19 1:0 a.m.37 views

CVE-2016-4860

CVE-2016-4860 affects Yokogawa STARDOM FCN/FCJ controllers (R1.01–R4.01). The root cause is an authentication bypass in Logic Designer connections, allowing remote attackers to reconfigure the device or trigger a denial of service (stop application program, change value, modify application comman...

7.5CVSS7.2AI score0.02649EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder