ICSA-26-057-09 · Published 2026-02-26 · View on CISA ICS-CERT ↗

Yokogawa CENTUM VP R6, R7

CVSS 6.9 MEDIUM

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to terminate the software stack process, cause a denial-of-service condition, or execute arbitrary code.

CVEs (6)

CVE-2025-1924 CVE-2025-48019 CVE-2025-48020 CVE-2025-48021 CVE-2025-48022 CVE-2025-48023

Remediations

Yokogawa recommends users apply patch software (R1.08.00).
Yokogawa recommends users contact a local supporting office for further information or support. https://contact.yokogawa.com/cs/gw?c-id=000498
For more information and details on implementing these mitigations, users should see the Yokogawa advisory YSAR-26-0002 at https://web-material3.yokogawa.com/1/39281/files/YSAR-26-0002-E.pdf

Affected Vendors

Yokogawa

Affected Products (2)

Yokogawa · Vnet/IP Interface Package for CENTUM VP R6 (VP6C3300) <=R1.07.00

Yokogawa · Vnet/IP Interface Package for CENTUM VP R7 (VP7C3300) <=R1.07.00

Affected Sectors

Critical Manufacturing, Energy, Food and Agriculture

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more