Unauthenticated Remote Control and Denial of Service Vulnerability in Yokogawa STARDOM FCN/FCJ Controller

Unauthenticated Remote Control and Denial of Service Vulnerability in Yokogawa STARDOM FCN/FCJ Controller

CVE-2016-4860 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication for Logic Designer connections, which allows remote attackers to reconfigure the device or cause a denial of service via a (1) stop application program, (2) change value, or (3) modify application command.

Learn more about our Web Application Penetration Testing UK.