Insecure Default Settings in Yokogawa Electric Products
CVE-2025-1863
Key Information:
- Status
- Vendor
- CVE Published:
- 18 April 2025
Summary
Yokogawa Electric Corporation's recorder products are impacted by insecure default settings that leave authentication functions disabled. This flaw allows unauthorized users to access and manipulate critical operational settings and data whenever the products are connected to a network with the default configuration. Users may unknowingly expose themselves to potential data tampering and misconfiguration, thereby compromising the integrity of the collected information. Effective security practices necessitate immediate attention to configuring device authentication settings appropriately to mitigate these risks.
Affected Version(s)
CX1000 / CX2000 Paperless Recorders All versions
DX1000 / DX2000 / DX1000N Paperless Recorders R4.21 or earlier
DX1000T / DX2000T Paperless Recorders All versions
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved