Yokogawa STARDOM FCN Firmware R4.31

CPE Details

Yokogawa STARDOM FCN Firmware R4.31
yokogawa
stardom_fcn_firmware
r4.31
2022-07-06
13h53 +00:00
2022-07-07
12h15 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.31:*:*:*:*:*:*:*

Informations

Vendor

yokogawa

Product

stardom_fcn_firmware

Version

r4.31

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-5915 2023-12-01 06h12 +00:00 A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by Yokogawa Electric Corporation. This vulnerability may allow to a remote attacker to cause a denial-of-service condition to the FCN/FCJ controller by sending a crafted packet. While sending the packet, the maintenance homepage of the controller could not be accessed. Therefore, functions of the maintenance homepage, changing configuration, viewing logs, etc. are not available. But the controller’s operation is not stopped by the condition. The affected products and versions are as follows: STARDOM FCN/FCJ R1.01 to R4.31.
5.3
Medium
CVE-2022-30997 2022-06-28 08h06 +00:00 Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware.
7.2
High
CVE-2022-29519 2022-06-28 08h05 +00:00 Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.