Vulnerability cyber

Yokogawa Electric Corporation

Apr 21, 2025 1 min read
Yokogawa Electric Corporation

A high-severity vulnerability in a range of industrial recorders and data acquisition systems has been recognized in Yokogawa Electric Corporation. This flaw allows anyone with network access to manipulate the system settings and operational controls due to insecure default settings in their recorder products, where authentication is disabled by default. The attacker can manipulate measured values, alter system settings, and potentially compromise the integrity of critical operations. Possible impacts include incorrect measurements, data integrity compromise, downtime in production lines, and safety hazards in automated environments.

Source: https://thecyberexpress.com/yokogawa-flaw-exposes-industrial-systems/

TPRM report: https://scoringcyber.rankiteo.com/company/yokogawa-electric-corporation

"id": "yok525042125",
"linkid": "yokogawa-electric-corporation",
"type": "Vulnerability",
"date": "4/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Industrial Automation',
                        'name': 'Yokogawa Electric Corporation',
                        'type': 'Corporation'}],
 'attack_vector': 'Network Access',
 'data_breach': {'type_of_data_compromised': 'Measured values, system '
                                             'settings'},
 'description': 'A high-severity vulnerability in a range of industrial '
                'recorders and data acquisition systems has been recognized in '
                'Yokogawa Electric Corporation. This flaw allows anyone with '
                'network access to manipulate the system settings and '
                'operational controls due to insecure default settings in '
                'their recorder products, where authentication is disabled by '
                'default. The attacker can manipulate measured values, alter '
                'system settings, and potentially compromise the integrity of '
                'critical operations. Possible impacts include incorrect '
                'measurements, data integrity compromise, downtime in '
                'production lines, and safety hazards in automated '
                'environments.',
 'impact': {'data_compromised': 'Measured values, system settings',
            'downtime': 'Possible downtime in production lines',
            'operational_impact': 'Compromise of critical operations',
            'systems_affected': 'Industrial recorders and data acquisition '
                                'systems'},
 'title': "High-Severity Vulnerability in Yokogawa Electric Corporation's "
          'Industrial Recorders',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'Insecure Default Settings'}
Published by
Jeremy C
Jeremy C
You might also like
Vulnerability cyber

GeoServer

public 1 min read
A critical remote code execution vulnerability in GeoServer, designated CVE-2024-36401, has been exploited by cybercriminals to deploy cryptocurrency mining malware.…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.