Default Password Vulnerability in FAST/TOOLS and CI Server by Yokogawa
CVE-2024-4106

5.3MEDIUM

Key Information:

Vendor
CVE Published:
26 June 2024

Summary

A vulnerability exists in Yokogawa's FAST/TOOLS and CI Server, where built-in accounts lack passwords by default. If these products are not secured with a custom password, attackers can gain unauthorized access, potentially compromising sensitive data and configuration settings. Users are advised to ensure that all default accounts are secured and protected with strong passwords to mitigate the risk of exploitation.

Affected Version(s)

CI Server R1.01.00

FAST/TOOLS R9.01

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.