Summary: A high-severity vulnerability (CVE-2025-1863) has been identified in various Yokogawa Electric Corporation industrial recorder and data acquisition systems, exposing them to significant security risks. The issue arises from disabled default authentication settings, allowing unauthorized access to critical functions. Users are urged to enable authentication and implement robust security measures to mitigate potential threats.
Affected: Yokogawa Electric Corporation industrial systems
Keypoints :
- Vulnerability rated CVSS v4 score of 9.3 and CVSS v3.1 score of 9.8, indicating high risk.
- Affects several models of paperless recorders and data acquisition units, primarily those with default disabled authentication.
- Exploitation could lead to compromised data integrity, operational downtime, and safety hazards.
- Users should activate authentication on devices and employ strong security practices, including password management and network segmentation.
- Yokogawa recommends comprehensive security strategies to protect affected devices from attacks.
Source: https://thecyberexpress.com/yokogawa-flaw-exposes-industrial-systems/