What is the vulnerability ID?

The vulnerability ID is CVE-2018-17902.

What is the severity of CVE-2018-17902?

The severity of CVE-2018-17902 is medium with a CVSS score of 5.3.

Are there any fixes or patches available for this vulnerability?

No specific fixes or patches are mentioned in the vulnerability report, but users are advised to follow the recommendations provided by Yokogawa in their advisory.

Vulnerability/
CVE-2018-17902

medium

5.3

CWE

384

28/9/2018

5/8/2024

CVE-2018-17902

Q: What is the impact of this vulnerability?

This vulnerability could result in a denial of service to the remote management functions of the affected controllers.

First published: Fri Sep 28 2018(Updated: )

Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The application utilizes multiple methods of session management which could result in a denial of service to the remote management functions.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
Yokogawa Fcj Firmware	<=r4.10
Yokogawa Fcj
Yokogawa Fcn-100 Firmware	<=r4.10
Yokogawa Fcn-100
Yokogawa Fcn-rtu Firmware	<=r4.10
Yokogawa Fcn-rtu
Yokogawa Fcn-500 Firmware	<=r4.10
Yokogawa Fcn-500

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID?
The vulnerability ID is CVE-2018-17902.
Which Yokogawa STARDOM Controllers are affected by this vulnerability?
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, all versions up to R4.10 are affected.
What is the severity of CVE-2018-17902?
The severity of CVE-2018-17902 is medium with a CVSS score of 5.3.
What is the impact of this vulnerability?
This vulnerability could result in a denial of service to the remote management functions of the affected controllers.
Are there any fixes or patches available for this vulnerability?
No specific fixes or patches are mentioned in the vulnerability report, but users are advised to follow the recommendations provided by Yokogawa in their advisory.

collector/nvd-index
agent/severity
agent/references
agent/weakness
agent/author
agent/type
agent/description
agent/event
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/yokogawa
canonical/yokogawa fcj firmware
version/yokogawa fcj firmware/r4.10
canonical/yokogawa fcj
canonical/yokogawa fcn-100 firmware
version/yokogawa fcn-100 firmware/r4.10
canonical/yokogawa fcn-100
canonical/yokogawa fcn-rtu firmware
version/yokogawa fcn-rtu firmware/r4.10
canonical/yokogawa fcn-rtu
canonical/yokogawa fcn-500 firmware
version/yokogawa fcn-500 firmware/r4.10
canonical/yokogawa fcn-500

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.