CVE-2022-30997

Sažetak

Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuration settings or update the controller with tampered firmware.

Reference

https://jvn.jp/vu/JVNVU95452299/index.html
https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf
https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf
https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

01-08-2024 - 13:42

Objavljeno

28-06-2022 - 13:15