CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-5915
https://notcve.org/view.php?id=CVE-2023-5915
01 Dec 2023 — A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by Yokogawa Electric Corporation. This vulnerability may allow to a remote attacker to cause a denial-of-service condition to the FCN/FCJ controller by sending a crafted packet. While sending the packet, the maintenance homepage of the controller could not be accessed. Therefore, functions of the maintenance homepage, changing configuration, viewing logs, etc. are not available. But the controller’s operation is not... • https://jvn.jp/vu/JVNVU95177889/index.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-30997
https://notcve.org/view.php?id=CVE-2022-30997
28 Jun 2022 — Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware. Se presenta una vulnerabilidad en el uso de credenciales embebidas en el controlador STARDOM FCN y en el controlador FCJ versiones R4.10 a R4.31, que puede permitir a un atacante con un privilegio administrativo leer/cambiar los ajustes de configuració... • https://jvn.jp/vu/JVNVU95452299/index.html • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.9EPSS: 0%CPEs: 4EXPL: 0CVE-2022-29519
https://notcve.org/view.php?id=CVE-2022-29519
28 Jun 2022 — Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware. Se presenta una vulnerabilidad de transmisión de texto sin cifrar de información confidencial en STARDOM FCN Controller y FCJ Controller versiones R1.01 a R4.31, que puede permitir a un atacante adyacente iniciar sesión en los productos afect... • https://jvn.jp/vu/JVNVU95452299/index.html • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-0651
https://notcve.org/view.php?id=CVE-2018-0651
09 Jan 2019 — Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier) allows remote attackers to stop the license management function or execute an arbitrary program via unspecified vectors. Un desbordamiento de búfer en la función license management de los productos YOKOGAWA (iDefine para ProSafe-RS R1.16.3 y anteriores, STAR... • http://www.securityfocus.com/bid/105124 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-17900
https://notcve.org/view.php?id=CVE-2018-17900
12 Oct 2018 — Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for remote access to controllers. En Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, en todas las versiones R4.10 y anteriores, la aplicación web protege incorrectamente las credenciales, lo que podría permitir que un atacante obtenga credenciales para acceder remotamente a los controladores. • https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03 • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-17902
https://notcve.org/view.php?id=CVE-2018-17902
12 Oct 2018 — Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The application utilizes multiple methods of session management which could result in a denial of service to the remote management functions. En Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, en todas las versiones R4.10 y anteriores, la aplicación emplea múltiples métodos de gestión de sesiones, lo que podría resultar en una denegación de servicio (DoS) de las funciones de gestión remota. • https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03 • CWE-384: Session Fixation •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-17896
https://notcve.org/view.php?id=CVE-2018-17896
12 Oct 2018 — Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The affected controllers utilize hard-coded credentials which may allow an attacker gain unauthorized access to the maintenance functions and obtain or modify information. This attack can be executed only during maintenance work. En Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, en todas las versiones R4.10 y anteriores, los controladores afectados emplean credenciales embebidas que podrían permitir que ... • https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03 • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-17898
https://notcve.org/view.php?id=CVE-2018-17898
12 Oct 2018 — Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The controller application fails to prevent memory exhaustion by unauthorized requests. This could allow an attacker to cause the controller to become unstable. En Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, en todas las versiones R4.10 y anteriores, la aplicación del controlador no evita el agotamiento de memoria debido a peticiones no autorizadas. Esto podría permitir que el atacante provoque que el ... • https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 1%CPEs: 8EXPL: 0CVE-2018-10592
https://notcve.org/view.php?id=CVE-2018-10592
31 Jul 2018 — Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that could allow an attacker to gain unauthorized administrative access to the device, which could result in remote code execution. Los controladores Yokogawa STARDOM FCJ R4.02 y anteriores, FCN-100 R4.02 y anteriores, FCN-RTU R4.02 y anteriores y FCN-500 y anteriores R4.02 emplean credenciales embebidas que podrían... • http://www.securityfocus.com/bid/104376 • CWE-798: Use of Hard-coded Credentials •