The Yokogawa Stardom vulnerability (CVE-2018-10592) affects the FCJ, FCN-100, FCN-RTU and FCN-500 controllers running firmware version R4.02 or earlier. These industrial control systems (ICS) are used around the world in various infrastructure capacities including the energy sector, food production and manufacturing.
According to the security advisory for the Yokogawa Stardom vulnerability, an attacker could remotely log in with the hardcoded credentials and be able to execute system commands. The official advisory from Yokogawa and the advisory from ICS-CERT disagree slightly though: Yokogawa labels the issue as being of medium difficulty to exploit, while ICS-CERT notes that it takes “low skill level.”
Yokogawa suggests users upgrade to firmware version R4.10 and ICS-CERT adds that the National Cybersecurity and Communications Integration Center (NCCIC) also recommends that industrial control systems be isolated from networks if possible, protected behind firewalls or restricting logins.
It is unclear how widespread the Yokogawa Stardom vulnerability might be. Yokogawa did not respond to requests for comment at the time of this post.
Hardcoding passwords and other login credentials is a practice that security professionals have frowned upon for decades, but still affects products ranging from IoT to firewalls and more. Meanwhile, industrial control systems have become a bigger target for attackers looking to cause real-world havoc with cyberattacks.
Based Blockchain Network