What is the vulnerability ID of this Yokogawa Electric product vulnerability?

The vulnerability ID is CVE-2022-21194.

What is the severity of CVE-2022-21194?

The severity of CVE-2022-21194 is critical with a CVSS score of 9.8.

How does CVE-2022-21194 affect Yokogawa Centum VP firmware?

CVE-2022-21194 affects Yokogawa Centum VP firmware versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0.

How do I fix CVE-2022-21194?

To fix CVE-2022-21194, Yokogawa Electric recommends updating to the latest firmware versions: CENTUM VP R5.04.21 or later, CENTUM VP R6.08.1 or later, Exaopc R3.80.01 or later.

Vulnerability/
CVE-2022-21194

critical

9.8

CWE

798

11/3/2022

3/8/2024

CVE-2022-21194

Q: Which Yokogawa Electric products are affected by this vulnerability?

The following Yokogawa Electric products are affected: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.

First published: Fri Mar 11 2022(Updated: )

The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.

Credit: vultures@jpcert.or.jp

Affected Software	Affected Version	How to fix
Yokogawa Centum Vp Firmware	>=r5.01.00<=r5.04.20
Yokogawa Centum Vp Firmware	>=r6.01.00<r6.09.00
Yokogawa Centum Vp
Yokogawa Centum Vp Entry Firmware	>=r4.01.00<=r4.03.00
Yokogawa Centum Vp Entry Firmware	>=r5.01.00<=r5.04.20
Yokogawa Centum Vp Entry Firmware	>=r6.01.00<r6.09.00
Yokogawa Centum Vp Entry
Yokogawa Exaopc	>=r3.72.00<r3.80.00

Never miss a vulnerability like this again

Reference Links

https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf

Frequently Asked Questions

What is the vulnerability ID of this Yokogawa Electric product vulnerability?
The vulnerability ID is CVE-2022-21194.
Which Yokogawa Electric products are affected by this vulnerability?
The following Yokogawa Electric products are affected: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.
What is the severity of CVE-2022-21194?
The severity of CVE-2022-21194 is critical with a CVSS score of 9.8.
How does CVE-2022-21194 affect Yokogawa Centum VP firmware?
CVE-2022-21194 affects Yokogawa Centum VP firmware versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0.
How do I fix CVE-2022-21194?
To fix CVE-2022-21194, Yokogawa Electric recommends updating to the latest firmware versions: CENTUM VP R5.04.21 or later, CENTUM VP R6.08.1 or later, Exaopc R3.80.01 or later.

collector/nvd-index
agent/references
agent/severity
agent/author
agent/weakness
agent/description
agent/event
agent/type
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/yokogawa
canonical/yokogawa centum vp firmware
version/yokogawa centum vp firmware/r5.01.00
version/yokogawa centum vp firmware/r5.04.20
version/yokogawa centum vp firmware/r6.01.00
canonical/yokogawa centum vp
canonical/yokogawa centum vp entry firmware
version/yokogawa centum vp entry firmware/r4.01.00
version/yokogawa centum vp entry firmware/r4.03.00
version/yokogawa centum vp entry firmware/r5.01.00
version/yokogawa centum vp entry firmware/r5.04.20
version/yokogawa centum vp entry firmware/r6.01.00
canonical/yokogawa centum vp entry
canonical/yokogawa exaopc
version/yokogawa exaopc/r3.72.00

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.