CVE-2025-1863
Published: Apr 18, 2025
Modified: Apr 18, 2025
CVSS v3.1
9.8
Description
Insecure default settings have been found in recorder products provided by Yokogawa Electric Corporation. The default setting of the authentication function is disabled on the affected products. Therefore, when connected to a network with default settings, anyone can access all functions related to settings and operations. As a result, an attacker can illegally manipulate and configure important data such as measured values and settings. This issue affects GX10 / GX20 / GP10 / GP20 Paperless Recorders: R5.04.01 or earlier; GM Data Acquisition System: R5.05.01 or earlier; DX1000 / DX2000 / DX1000N Paperless Recorders: R4.21 or earlier; FX1000 Paperless Recorders: R1.31 or earlier; μR10000 / μR20000 Chart Recorders: R1.51 or earlier; MW100 Data Acquisition Units: All versions; DX1000T / DX2000T Paperless Recorders: All versions; CX1000 / CX2000 Paperless Recorders: All versions.
| Vendor | Product | Versions |
|---|---|---|
Yokogawa Electric Corporation | GX10 / GX20 / GP10 / GP20 Paperless Recorders | affected R5.04.01 or earlier |
Yokogawa Electric Corporation | GM Data Acquisition System | affected R5.05.01 or earlier |
Yokogawa Electric Corporation | DX1000 / DX2000 / DX1000N Paperless Recorders | affected R4.21 or earlier |
Yokogawa Electric Corporation | FX1000 Paperless Recorders | affected R1.31 or earlier |
Yokogawa Electric Corporation | μR10000 / μR20000 Chart Recorders | affected R1.51 or earlier |
Yokogawa Electric Corporation | MW100 Data Acquisition Units | affected All versions |
Yokogawa Electric Corporation | DX1000T / DX2000T Paperless Recorders | affected All versions |
Yokogawa Electric Corporation | CX1000 / CX2000 Paperless Recorders | affected All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now