CVE-2022-29519

Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01 Mitigation Third Party Advisory US Government Resource
https://jvn.jp/vu/JVNVU95452299/index.html Mitigation Third Party Advisory VDB Entry
https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf Mitigation Vendor Advisory
https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf Mitigation Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:yokogawa:stardom_fcj_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yokogawa:stardom_fcj:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:yokogawa:stardom_fcn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yokogawa:stardom_fcn:-:*:*:*:*:*:*:*

Information

Published : 2022-06-28 06:15

Updated : 2022-07-08 07:57


NVD link : CVE-2022-29519

Mitre link : CVE-2022-29519


JSON object : View

CWE
CWE-319

Cleartext Transmission of Sensitive Information

Products Affected

yokogawa

  • stardom_fcj_firmware
  • stardom_fcn_firmware
  • stardom_fcj
  • stardom_fcn