Default Password Vulnerability in FAST/TOOLS and CI Server by Yokogawa
CVE-2024-4106
5.3MEDIUM
Key Information:
- Status
- Vendor
- CVE Published:
- 26 June 2024
Summary
A vulnerability exists in Yokogawa's FAST/TOOLS and CI Server, where built-in accounts lack passwords by default. If these products are not secured with a custom password, attackers can gain unauthorized access, potentially compromising sensitive data and configuration settings. Users are advised to ensure that all default accounts are secured and protected with strong passwords to mitigate the risk of exploitation.
Affected Version(s)
CI Server R1.01.00
FAST/TOOLS R9.01
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved