Vulnerability Details CVE-2018-10592
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that could allow an attacker to gain unauthorized administrative access to the device, which could result in remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.08
EPSS Ranking 91.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://www.securityfocus.com/bid/104376
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03
- https://web-material3.yokogawa.com/1/6712/details/YSAR-18-0004-E.pdf
- http://www.securityfocus.com/bid/104376
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03
- https://web-material3.yokogawa.com/1/6712/details/YSAR-18-0004-E.pdf
Products affected by CVE-2018-10592
-
cpe:2.3:h:yokogawa:fcj:-
-
cpe:2.3:h:yokogawa:fcn-100:-
-
cpe:2.3:h:yokogawa:fcn-500:-
-
cpe:2.3:h:yokogawa:fcn-rtu:-
-
cpe:2.3:o:yokogawa:fcj_firmware:r1.60
-
cpe:2.3:o:yokogawa:fcj_firmware:r1.70
-
cpe:2.3:o:yokogawa:fcj_firmware:r1.80
-
cpe:2.3:o:yokogawa:fcj_firmware:r1.85
-
cpe:2.3:o:yokogawa:fcj_firmware:r1.86
-
cpe:2.3:o:yokogawa:fcj_firmware:r1.90
-
cpe:2.3:o:yokogawa:fcj_firmware:r2.01
-
cpe:2.3:o:yokogawa:fcj_firmware:r2.10
-
cpe:2.3:o:yokogawa:fcj_firmware:r2.20
-
cpe:2.3:o:yokogawa:fcj_firmware:r3.01
-
cpe:2.3:o:yokogawa:fcj_firmware:r3.02
-
cpe:2.3:o:yokogawa:fcj_firmware:r3.03
-
cpe:2.3:o:yokogawa:fcj_firmware:r3.10
-
cpe:2.3:o:yokogawa:fcj_firmware:r3.20
-
cpe:2.3:o:yokogawa:fcj_firmware:r3.30
-
cpe:2.3:o:yokogawa:fcj_firmware:r3.40
-
cpe:2.3:o:yokogawa:fcj_firmware:r3.50
-
cpe:2.3:o:yokogawa:fcj_firmware:r4.02
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r1.60
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r1.70
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r1.80
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r1.85
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r1.86
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r1.90
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r2.01
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r2.10
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r2.20
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r3.01
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r3.02
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r3.03
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r3.10
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r3.20
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r3.30
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r3.40
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r3.50
-
cpe:2.3:o:yokogawa:fcn-100_firmware:r4.02
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r1.60
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r1.70
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r1.80
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r1.85
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r1.86
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r1.90
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r2.01
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r2.10
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r2.20
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r3.01
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r3.02
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r3.03
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r3.10
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r3.20
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r3.30
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r3.40
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r3.50
-
cpe:2.3:o:yokogawa:fcn-500_firmware:r4.02
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r1.60
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r1.70
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r1.80
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r1.85
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r1.86
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r1.90
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r2.01
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r2.10
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r2.20
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r3.01
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r3.02
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r3.03
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r3.10
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r3.20
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r3.30
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r3.40
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r3.50
-
cpe:2.3:o:yokogawa:fcn-rtu_firmware:r4.02