CVE-2022-21194

The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*

History

18 Mar 2022, 14:38

Type Values Removed Values Added
References (CONFIRM) https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf - (CONFIRM) https://web-material3.yokogawa.com/1/32094/files/YSAR-22-0001-E.pdf - Vendor Advisory
CWE CWE-798
CPE cpe:2.3:h:yokogawa:centum_vp_entry:-:*:*:*:*:*:*:*
cpe:2.3:a:yokogawa:exaopc:*:*:*:*:*:*:*:*
cpe:2.3:h:yokogawa:centum_vp:-:*:*:*:*:*:*:*
cpe:2.3:o:yokogawa:centum_vp_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yokogawa:centum_vp_entry_firmware:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 6.8
v3 : 9.8

11 Mar 2022, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-03-11 09:15

Updated : 2024-02-04 22:29


NVD link : CVE-2022-21194

Mitre link : CVE-2022-21194

CVE.ORG link : CVE-2022-21194


JSON object : View

Products Affected

yokogawa

  • centum_vp_firmware
  • centum_vp_entry_firmware
  • centum_vp
  • exaopc
  • centum_vp_entry
CWE
CWE-798

Use of Hard-coded Credentials