New Case Study: Threat Hunter finds renamed system utilities by file hash to uncover multiple attacks   

Read Case Study


Yokogawa Severe Vulnerability

January 7, 2019

With a 7.7 rate of severity, the vulnerability (CVE-1081-16196) has been affecting multiple Yokagawa products and it exists within the Vnet/IP Open Communication Driver. If taken advantage of, the vulnerability could give an attacker the ability to halt communication from the Vnet which could cause a DoS campaign. All the proper organizations have been notified and they are working through the issue currently. The affected products that are known so far include CENTUM CS 3000 (R3.05.00 – R3.09.50), CENTUM CS 3000 Entry Class (R3.05.00 – R3.09.50), CENTUM VP (R4.01.00 – R6.03.10), CENTUM VP Entry Class (R4.01.00 – R6.03.10), Exaopc (R3.10.00 – R3.75.00), PRM (R2.06.00 – R3.31.00), ProSafe-RS (R1.02.00 – R4.02.00), FAST/TOOLS (R9.02.00 – R10.02.00), and B/M9000 VP (R6.03.01 – R8.01.90). All of those listed products are used across the globe in critical manufacturing, food and agriculture, and energy companies. Patches have been issued, but the products that are no longer being made have not received those patches and Yokogawa recommends upgrading.

Analyst Notes

Users should minimize the amount of exposure they give control system devices and make sure they are not accessible from the internet. During remote access, users should also use VPNs in an effort to gain better security.