CVE-2018-17896
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-17896
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The affected controllers utilize hard-coded credentials which may allow an attacker gain unauthorized access to the maintenance functions and obtain or modify information. This attack can be executed only during maintenance work.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Yokogawa产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Yokogawa STARDOM Controllers FCJ等都是日本横河电机(Yokogawa)公司的用于基础网络控制系统中的控制器。 多款Yokogawa产品中存在安全漏洞,该漏洞源于控制器使用了硬编码的凭证。攻击者可利用该漏洞未授权访问‘maintenance’函数,获取或修改信息。以下产品和版本受到影响:Yokogawa STARDOM Controllers FCJ R4.10及之前版本;FCN-100 R4.10及之前版本;FCN-RTUR 4.10及之前版本;FCN-500 R4.10及
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Yokogawa | STARDOM Controllers FCJ,FCN-100,FCN-RTU, FCN-500 | All versions prior to version X.X | - |
II. Public POCs for CVE-2018-17896
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-17896
请登录查看更多情报信息。
- https://ics-cert.us-cert.gov/advisories/ICSA-18-151-03x_refsource_MISC
- https://web-material3.yokogawa.com/YSAR-18-0007-E.pdfx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2018-17896
Same Patch Batch · Yokogawa · 2018-10-12 · 4 CVEs total
| CVE-2018-17898 | 多款Yokogawa产品安全漏洞 | |
| CVE-2018-17900 | 多款Yokogawa产品安全漏洞 | |
| CVE-2018-17902 | 多款Yokogawa产品安全漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-798
- CVE-2026-7414
Hardcoded credentials in Yarbo robot firmware - CVE-2026-8032
PicoTronica e-Clinic Healthcare System ECHS echs.js hard-cod - CVE-2026-32834
Easy PayPal Events & Tickets 1.3 Authentication Bypass via Q - CVE-2026-42376
D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials - CVE-2026-42375
D-Link DIR-600L A1 Hardcoded Telnet Backdoor Credentials
V. Comments for CVE-2018-17896
No comments yet