[Japanese]

JVNDB-2023-001411

Yokogawa Electric CENTUM series vulnerable to cleartext storage of sensitive information

Overview

CENTUM series provided by Yokogawa Electric Corporation are vulnerable to cleartext storage of sensitive information (CWE-312, CVE-2023-26593).

Yokogawa Electric Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 6.5 (Medium) [Other]
  • Attack Vector: Adjacent Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None
Affected Products


Yokogawa Electric Corporation
  • CENTUM VP R4.01.00 to R4.03.00 (*1)
  • CENTUM VP R5.01.00 to R5.04.20 (*1)
  • CENTUM VP R6.01.00 and later (*1)
  • B/M9000 CS R5.04.01 to R5.05.01 (*2)
  • B/M9000 VP R6.01.01 to R7.04.51 (*2)
  • B/M9000 VP R8.01.01 and later (*2)
  • CENTUM CS 1000 R2.01.00 to R3.09.50
  • CENTUM CS 3000 R2.01.00 to R3.09.50
  • CENTUM CS 3000 Small R2.01.00 to R3.09.50
  • CENTUM VP Basic R4.01.00 to R4.03.00 (*1)
  • CENTUM VP Basic R5.01.00 to R5.04.20 (*1)
  • CENTUM VP Basic R6.01.00 and later (*1)
  • CENTUM VP Small R4.01.00 to R4.03.00 (*1)
  • CENTUM VP Small R5.01.00 to R5.04.20 (*1)
  • CENTUM VP Small R6.01.00 and later (*1)

(*1) It is affected if CENTUM Authentication Mode is used for user authentication.
(*2) B/M series are affected by CENTUM bundled in the products.
For more information, refer to the information provided by the developer.
Impact

If an attacker who can login or access the computer where the affected product is installed tampers the password file stored in the computer, the user privilege which CENTUM managed may be escalated. As a result, the control system may be operated with the escalated user privilege.

To exploit this vulnerability, the following prerequisites must be met.

* An attacker has obtained user credentials where the affected product is installed
* CENTUM Authentication Mode is used for user authentication when CENTUM VP is used

For more information, refer to the information provided by the developer.
Solution

[Stop using the outdated products and switch to successor products]
For the users of CENTUM CS 1000, CENTUM CS 3000 (Including CENTUM CS 3000 Entry Class):
These products are no longer support, therefore solutions are not provided.
The developer recommends users to migrate to the latest CENTUM VP series.

[Update the software]
For the users of CENTUM VP (Including CENTUM VP Entry Class)
R4.01.00 to R4.02.00:
Update the software to R4.03.00, and then change the user authentication mode from CEMTUM Authentication Mode to Windows Authentication Mode.

[Change the authentication mode]
For the users of CENTUM VP (Including CENTUM VP Entry Class)
R4.03.00, R5.01.00 to R5.04.20, R6.01.00 and later:
Change the user authentication mode from CEMTUM Authentication Mode to Windows Authentication Mode.

The users of B/M9000 CS and B/M9000 VP are not directly affected by this vulnerability, but it is affected as CENTUM which is bundled is vulnerable. Therefore, users who are to update CENTUM VP to the latest version need to update B/M9000 VP to the appropriate version.

For more information, refer to the information provided by the developer.
Vendor Information

Yokogawa Electric Corporation
CWE (What is CWE?)

  1. Cleartext Storage of Sensitive Information(CWE-312) [Other]
CVE (What is CVE?)

  1. CVE-2023-26593
References

  1. JVN : JVNVU#98775218
Revision History

  • [2023/04/06]
      Web page was published