← Back to home
ICSA-26-092-02  ·  Published 2026-04-02  ·  View on CISA ICS-CERT ↗

Yokogawa CENTUM VP

CVSS 4.0 MEDIUM

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions.

CVEs (1)

Remediations

  • Yokogawa recommends users applying the following mitigations to affected versions:
  • CENTUM VP R5.01.00 to R5.04.20: Change the user authentication mode to Windows Authentication Mode.
  • CENTUM VP R6.01.00 to R6.12.00: Change the user authentication mode to Windows Authentication Mode.
  • CENTUM VP R7.01.00: Apply patch software R7.01.10.
  • NOTE:Changing to Windows Authentication Mode requires engineering work. If users wish to make this change, please contact Yokogawa directly https://contact.yokogawa.com/cs/gw?c-id=000498.
  • For more information and details on implementing these mitigations, users should see the Yokogawa advisory YSAR-26-0003 at https://web-material3.yokogawa.com/1/39281/files/YSAR-26-0003-E.pdf

Affected Vendors

Yokogawa

Affected Products (3)

Yokogawa · CENTUM VP >=R5.01.00|<R5.04.20
Yokogawa · CENTUM VP >=R6.01.00|<R6.12.00
Yokogawa · CENTUM VP vR7.01.00

Affected Sectors

Critical Manufacturing, Energy, Food and Agriculture

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more