Vulnerability Details CVE-2022-29519
Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.9
References
- https://jvn.jp/vu/JVNVU95452299/index.html
- https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf
- https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01
- https://jvn.jp/vu/JVNVU95452299/index.html
- https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf
- https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01
Products affected by CVE-2022-29519
-
cpe:2.3:h:yokogawa:stardom_fcj:-
-
cpe:2.3:h:yokogawa:stardom_fcn:-
-
cpe:2.3:o:yokogawa:stardom_fcj_firmware:r1.01
-
cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.10
-
cpe:2.3:o:yokogawa:stardom_fcj_firmware:r4.31
-
cpe:2.3:o:yokogawa:stardom_fcn_firmware:r1.01
-
cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.10
-
cpe:2.3:o:yokogawa:stardom_fcn_firmware:r4.31