With a 7.7 rate of severity, the vulnerability (CVE-1081-16196) has been affecting multiple Yokagawa products and it exists within the Vnet/IP Open Communication Driver. If taken advantage of, the vulnerability could give an attacker the ability to halt communication from the Vnet which could cause a DoS campaign. All the proper organizations have been notified and they are working through the CVE-1081-16196 issue currently.
The affected products that are known so far include CENTUM CS 3000 (R3.05.00 – R3.09.50), CENTUM CS 3000 Entry Class (R3.05.00 – R3.09.50), CENTUM VP (R4.01.00 – R6.03.10), CENTUM VP Entry Class (R4.01.00 – R6.03.10), Exaopc (R3.10.00 – R3.75.00), PRM (R2.06.00 – R3.31.00), ProSafe-RS (R1.02.00 – R4.02.00), FAST/TOOLS (R9.02.00 – R10.02.00), and B/M9000 VP (R6.03.01 – R8.01.90).
All of those listed products are used across the globe in critical manufacturing, food and agriculture, and energy companies. Patches have been issued, but the products that are no longer being made have not received those patches and Yokogawa recommends upgrading.
Binary Defense Recommendation:
Users should minimize the amount of exposure they give control system devices and make sure they are not accessible from the internet. During remote access, users should also use VPNs in an effort to gain better security
Our Counterintelligence Team gathers information and conducts operations to identify threats to an organization so that they can better protect against malicious activity. We accomplish this by combining advanced technology with skilled and experienced intelligence specialists. Our goal is to protect your data, your brand and your people.