Yokogawa Clears STARDOM Hole

Thursday, September 15, 2016 @ 03:09 PM gHale


Yokogawa produced a new release to mitigate an authentication bypass vulnerability in its STARDOM controller, according to a report with ICS-CERT.

Yokogawa and JPCERT/CC sent a report of the remotely exploitable vulnerability over to ICS-CERT.

RELATED STORIES
Rockwell Clears Parser Buffer Overflow
ABB Fixes Credential Mgt Vulnerability
Schneider Power Meter Issue
Energy Meter Vulnerabilities

STARDOM FCN/FCJ controller (from Version R1.01 to R4.01) suffers from the issue.

An attacker may be able to exploit this vulnerability to execute commands such as stop application program, change values, and modify application.

Yokogawa is based in Japan and maintains offices in several countries around the world, including the Americas, Europe, the Middle East, Africa, South Asia, and East Asia.

STARDOM is a network-based control system. These products see action across several sectors, including critical manufacturing, energy, and food and agriculture. Yokogawa said these products see use on a global basis.

Logic Designer can connect to STARDOM controller without authentication.

CVE-2016-4860 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.3.

No known public exploits specifically target this vulnerability. However, an attacker with low skill would be able to exploit this vulnerability.

Yokogawa has remediated the vulnerability with the latest release R4.02.

Yokogawa said all users should introduce appropriate security measures not only for the vulnerabilities identified but also to the overall systems.

Click here for Yokogawa’s Security Advisory Report, “YSAR-16-0002: Arbitrary command execution vulnerability in STARDOM,” and other Yokogawa products.