CVE DATABASE / CVE-2022-29519
CVE-2022-29519
CVSS 7.5 · HIGH
Summary
Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
CVSS 3.1 breakdown
| Base score | 7.5 (HIGH) |
| Vector | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Attack vector | ADJACENT_NETWORK |
| Attack complexity | HIGH |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Yokogawa stardom fcj firmwareYokogawa stardom fcjYokogawa stardom fcn firmwareYokogawa stardom fcn
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- https://jvn.jp/vu/JVNVU95452299/index.html
- https://web-material3.yokogawa.com/1/32885/files/YSAR-22-0007-E.pdf
- https://web-material3.yokogawa.com/19/32885/files/YSAR-22-0007-J.pdf
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-174-01
Data: NIST NVD. NVD last modified 2024-11-21. Always verify against the vendor advisory before acting.