Use of Hard-Coded Credentials in STARDOM FCN and FCJ Controllers by Yokogawa
CVE-2022-30997

7.2HIGH

Key Information:

Vendor

Yokogawa Electric Corporation

Status
Stardom Controller
Vendor
CVE Published:
28 June 2022

What is CVE-2022-30997?

A vulnerability affecting the STARDOM FCN Controller and FCJ Controller has been identified where hard-coded credentials are utilized. This security flaw may allow an attacker with administrative privileges to read or alter configuration settings. Furthermore, it poses a risk of enabling the update of the controller with tampered firmware, significantly compromising the system’s integrity and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

STARDOM Controller STARDOM FCN Controller and FCJ Controller R4.10 to R4.31

References

https://web-material3.yokogawa.com/1/32885/files/YSAR-22-...
x_refsource_MISC
https://web-material3.yokogawa.com/19/32885/files/YSAR-22...
x_refsource_MISC
https://jvn.jp/vu/JVNVU95452299/index.html
x_refsource_MISC

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.