ICSA-25-107-04
·
Published 2025-04-17
·
View on CISA ICS-CERT ↗
Yokogawa Recorder Products
CVSS 9.8
CRITICAL
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to manipulate information on the affected products.
CVEs (1)
Remediations
- Yokogawa has provided the following countermeasures for this vulnerability:
- Yokogawa urges users to enable the authentication function when connecting the affected products to the network (login function).
- Be sure to change the password from the default setting after enabling the authentication function.
- Yokogawa strongly recommends all users to establish and maintain a full security program. Security program components are patch updates, anti-virus, backup and recovery, zoning, hardening, whitelisting, firewall, etc. Yokogawa can assist in setting up and running the security program continuously. For considering the most effective risk mitigation plan, as a starting point, Yokogawa can perform a security risk assessment.
- For more information, contact Yokogawa.
- For more information and details on implementing these mitigations, users should see the Yokogawa advisory.
Affected Vendors
Yokogawa
Affected Products (8)
Yokogawa
·
GX10 / GX20 / GP10 / GP20 Paperless Recorders
vers:all/<=R5.04.01
Yokogawa
·
GM Data Acquisition System
vers:all/<=R5.05.01
Yokogawa
·
DX1000 / DX2000 / DX1000N Paperless Recorders
vers:all/<=R4.21
Yokogawa
·
FX1000 Paperless Recorders
vers:all/<=R1.31
Yokogawa
·
μR10000 / μR20000 Chart Recorders
vers:all/<=R1.51
Yokogawa
·
MW100 Data Acquisition Units
vers:all/*
Yokogawa
·
DX1000T / DX2000T Paperless Recorders
vers:all/*
Yokogawa
·
CX1000 / CX2000 Paperless Recorders
vers:all/*
Affected Sectors
Critical Manufacturing, Energy, Food and Agriculture
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more