CVE-2018-10592
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-10592
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that could allow an attacker to gain unauthorized administrative access to the device, which could result in remote code execution.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Yokogawa产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Yokogawa FCJ等都是日本横河电机(Yokogawa)公司的用于网络控制系统中的控制器。 多款Yokogawa产品中存在安全漏洞,该漏洞源于产品使用了硬编码凭证。远程攻击者可利用该漏洞获取对设备的管理员访问权限,进而执行代码。以下产品和版本受到影响:Yokogawa STARDOM FCJ R4.02及之前版本;FCN-100 R4.02及之前版本;FCN-RTU R4.02及之前版本;FCN-500 R4.02及之前版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Yokogawa | STARDOM FCJ Controllers | R4.02 and prior | - | |
| Yokogawa | STARDOM FCN-100 Controllers | R4.02 and prior | - | |
| Yokogawa | STARDOM FCN-RTU Controllers | R4.02 and prior | - | |
| Yokogawa | STARDOM FCN-500 Controllers | R4.02 and prior | - |
II. Public POCs for CVE-2018-10592
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-10592
请登录查看更多情报信息。
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03x_refsource_MISC
- https://web-material3.yokogawa.com/1/6712/details/YSAR-18-0004-E.pdfx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2018-10592
IV. Related Vulnerabilities
Same weakness: CWE-798
- CVE-2026-7414
Hardcoded credentials in Yarbo robot firmware - CVE-2026-8032
PicoTronica e-Clinic Healthcare System ECHS echs.js hard-cod - CVE-2026-32834
Easy PayPal Events & Tickets 1.3 Authentication Bypass via Q - CVE-2026-42376
D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials - CVE-2026-42375
D-Link DIR-600L A1 Hardcoded Telnet Backdoor Credentials
V. Comments for CVE-2018-10592
No comments yet