Sign-up

ID

VAR-201609-0305


CVE

CVE-2016-4860


TITLE

STARDOM Vulnerability in arbitrary command execution on controller

Trust: 0.8

sources: JVNDB: JVNDB-2016-004705

DESCRIPTION

Yokogawa STARDOM FCN/FCJ controller R1.01 through R4.01 does not require authentication for Logic Designer connections, which allows remote attackers to reconfigure the device or cause a denial of service via a (1) stop application program, (2) change value, or (3) modify application command. Provided by Yokogawa Electric Corporation STARDOM A vulnerability exists in the controller that allows arbitrary commands to be executed. Provided by Yokogawa Electric Corporation STARDOM For small and medium-sized factories PLC Instrumentation system. STARDOM The controller is not authenticated when connecting from the logic designer (CWE-306) there is. for that reason, STARDOM An arbitrary command may be executed by a third party who can access the controller. CWE-306: Missing Authentication for Critical Function https://cwe.mitre.org/data/definitions/306.htmlSTARDOM By a third party with access to the controller IEC The application may be stopped, the value may be rewritten, or the application may be changed. YokogawaSTARDOMFCN/FCJcontroller is a controller for network-based control systems. Yokogawa STARDOM is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass authentication mechanism and execute arbitrary commands. The following versions are vulnerable: Yokogawa STARDOM FCJ versions from R1.01 to R4.01 are vulnerable. Yokogawa STARDOM FCN versions from R1.01 to R4.01 are vulnerable. The vulnerability is caused by the program not requiring authentication for Logic Designer connection

Trust: 2.52

sources: NVD: CVE-2016-4860 // JVNDB: JVNDB-2016-004705 // CNVD: CNVD-2016-08088 // BID: 92981 // VULHUB: VHN-93679

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-08088

AFFECTED PRODUCTS

vendor:yokogawamodel:stardom fcn\/fcjscope:eqversion:r4.01

Trust: 1.6

vendor:yokogawamodel:stardom fcn\/fcjscope:eqversion:r2.01

Trust: 1.6

vendor:yokogawamodel:stardom fcn\/fcjscope:eqversion:r1.01

Trust: 1.6

vendor:yokogawamodel:stardom fcn\/fcjscope:eqversion:r3.01

Trust: 1.6

vendor:yokogawa electricmodel:stardomscope:lteversion:fcn/fcj r1.01 from r4.01

Trust: 0.8

vendor:yokogawamodel:stardom fcj >r1.01 <r4.01scope: - version: -

Trust: 0.6

vendor:yokogawamodel:stardom fcn >r1.01 <r4.01scope: - version: -

Trust: 0.6

vendor:yokogawamodel:stardom fcn r4.01scope: - version: -

Trust: 0.3

vendor:yokogawamodel:stardom fcn r1.01scope: - version: -

Trust: 0.3

vendor:yokogawamodel:stardom fcj r4.01scope: - version: -

Trust: 0.3

vendor:yokogawamodel:stardom fcj r1.01scope: - version: -

Trust: 0.3

vendor:yokogawamodel:stardom fcn r4.02scope:neversion: -

Trust: 0.3

vendor:yokogawamodel:stardom fcj r4.02scope:neversion: -

Trust: 0.3

sources: CNVD: CNVD-2016-08088 // BID: 92981 // JVNDB: JVNDB-2016-004705 // CNNVD: CNNVD-201609-340 // NVD: CVE-2016-4860

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-4860
value: HIGH

Trust: 1.0

NVD: CVE-2016-4860
value: HIGH

Trust: 0.8

CNVD: CNVD-2016-08088
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201609-340
value: HIGH

Trust: 0.6

VULHUB: VHN-93679
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-4860
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-08088
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-93679
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-4860
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 3.4
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-08088 // VULHUB: VHN-93679 // JVNDB: JVNDB-2016-004705 // CNNVD: CNNVD-201609-340 // NVD: CVE-2016-4860

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

problemtype:CWE-Other

Trust: 0.8

sources: VULHUB: VHN-93679 // JVNDB: JVNDB-2016-004705 // NVD: CVE-2016-4860

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-340

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201609-340

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-004705

PATCH
title:YSAR-16-0002:STARDOM コントローラに任意のコマンドを実行される脆弱性url:http://www.yokogawa.co.jp/dcs/security/ysar/YSAR-16-0002-J.pdf
Trust: 0.8
title:横河セキュリティ対策情報url:http://www.yokogawa.co.jp/dcs/security/ysar/dcs-ysar-index-ja.htm
Trust: 0.8
title:中小規模向けPLC計装システム STARDOM(スターダム)url:http://www.yokogawa.co.jp/stardom/stardom-index.htm?ms=jp
Trust: 0.8
title:YokogawaSTARDOM certification bypasses the patch for the vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/81660
Trust: 0.6
title:Yokogawa STARDOM FCN/FCJ Repair measures for controller security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64140
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2016-08088 // 
            
            
            
            JVNDB: JVNDB-2016-004705 // 
            
            
            
            CNNVD: CNNVD-201609-340

EXTERNAL IDS
db:NVDid:CVE-2016-4860
Trust: 3.4
db:ICS CERTid:ICSA-16-259-01
Trust: 2.8
db:BIDid:92981
Trust: 2.0
db:JVNid:JVNVU98542287
Trust: 0.8
db:JVNDBid:JVNDB-2016-004705
Trust: 0.8
db:CNNVDid:CNNVD-201609-340
Trust: 0.7
db:CNVDid:CNVD-2016-08088
Trust: 0.6
db:VULHUBid:VHN-93679
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-08088 // 
            
            
            
            VULHUB: VHN-93679 // 
            
            
            
            BID: 92981 // 
            
            
            
            JVNDB: JVNDB-2016-004705 // 
            
            
            
            CNNVD: CNNVD-201609-340 // 
            
            
            
            NVD: CVE-2016-4860

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-16-259-01
Trust: 2.8
url:http://www.securityfocus.com/bid/92981
Trust: 1.7
url:https://web-material3.yokogawa.com/ysar-16-0002-e.pdf
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4860
Trust: 0.8
url:http://jvn.jp/vu/jvnvu98542287/index.html
Trust: 0.8
url:https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4860
Trust: 0.8
url:http://www.yokogawa.com/
Trust: 0.3
url:https://web-material3.yokogawa.com/ysar-16-0002-e.pdf?_ga=1.58874094.2131094256.1474023671
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2016-08088 // 
            
            
            
            VULHUB: VHN-93679 // 
            
            
            
            BID: 92981 // 
            
            
            
            JVNDB: JVNDB-2016-004705 // 
            
            
            
            CNNVD: CNNVD-201609-340 // 
            
            
            
            NVD: CVE-2016-4860

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 92981

SOURCES
db:CNVDid:CNVD-2016-08088
db:VULHUBid:VHN-93679
db:BIDid:92981
db:JVNDBid:JVNDB-2016-004705
db:CNNVDid:CNNVD-201609-340
db:NVDid:CVE-2016-4860

LAST UPDATE DATE
2025-04-13T23:41:17.178000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-08088date:2016-09-26T00:00:00
db:VULHUBid:VHN-93679date:2016-11-28T00:00:00
db:BIDid:92981date:2016-09-15T00:00:00
db:JVNDBid:JVNDB-2016-004705date:2016-10-07T00:00:00
db:CNNVDid:CNNVD-201609-340date:2016-09-19T00:00:00
db:NVDid:CVE-2016-4860date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-08088date:2016-09-26T00:00:00
db:VULHUBid:VHN-93679date:2016-09-19T00:00:00
db:BIDid:92981date:2016-09-15T00:00:00
db:JVNDBid:JVNDB-2016-004705date:2016-09-15T00:00:00
db:CNNVDid:CNNVD-201609-340date:2016-09-19T00:00:00
db:NVDid:CVE-2016-4860date:2016-09-19T01:59:03.837