Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Yokogawa Subscribe
Filtered by product Fcj Firmware
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-17902 1 Yokogawa 8 Fcj, Fcj Firmware, Fcn-100 and 5 more 2019-10-09 5.0 MEDIUM 5.3 MEDIUM
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The application utilizes multiple methods of session management which could result in a denial of service to the remote management functions.
CVE-2018-17896 1 Yokogawa 8 Fcj, Fcj Firmware, Fcn-100 and 5 more 2019-10-09 9.3 HIGH 8.1 HIGH
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The affected controllers utilize hard-coded credentials which may allow an attacker gain unauthorized access to the maintenance functions and obtain or modify information. This attack can be executed only during maintenance work.
CVE-2018-17898 1 Yokogawa 8 Fcj, Fcj Firmware, Fcn-100 and 5 more 2019-10-09 7.8 HIGH 7.5 HIGH
Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The controller application fails to prevent memory exhaustion by unauthorized requests. This could allow an attacker to cause the controller to become unstable.
CVE-2018-17900 1 Yokogawa 8 Fcj, Fcj Firmware, Fcn-100 and 5 more 2019-10-09 5.0 MEDIUM 9.8 CRITICAL
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for remote access to controllers.
CVE-2018-10592 1 Yokogawa 8 Fcj, Fcj Firmware, Fcn-100 and 5 more 2019-10-09 10.0 HIGH 9.8 CRITICAL
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that could allow an attacker to gain unauthorized administrative access to the device, which could result in remote code execution.