Yokogawa CENTUM VP - Vulnerability Exposed via Hard-Coded Password
Basically, a flaw in a system could let hackers log in and change settings.
A new vulnerability in Yokogawa CENTUM VP could allow unauthorized access through a hard-coded password. Critical sectors like manufacturing and energy are affected, raising concerns about operational integrity. Users are urged to implement security measures to mitigate risks.
What Happened
A vulnerability has been identified in the Yokogawa CENTUM VP system, allowing potential attackers to exploit a hard-coded password for the PROG user account. This flaw could enable unauthorized access to modify permissions, posing a risk to critical infrastructure sectors such as manufacturing, energy, and agriculture.
The Flaw
The vulnerability, identified as CVE-2025-7741, affects multiple versions of the CENTUM VP software:
- CENTUM VP >= R5.01.00
- CENTUM VP >= R6.01.00
- CENTUM VP R7.01.00
The issue arises from the use of a hard-coded password for the PROG user account, which is utilized in the system's authentication mode. If an attacker gains access to the Human Interface Station (HIS) screen controls, they could log in as the PROG user and potentially modify system settings.
What's at Risk
While the default permissions for the PROG user are set to a low-risk level (S1 permission), any changes to these permissions could lead to significant operational risks. If an attacker modifies permissions, they may perform critical operations or configuration changes, impacting system integrity.
Patch Status
Yokogawa has recommended several mitigation strategies for affected users:
- For versions R5.01.00 to R5.04.20 and R6.01.00 to R6.12.00, users should switch to Windows Authentication Mode.
- For version R7.01.00, users are advised to apply the patch software R7.01.10.
Changing the authentication mode requires engineering work, and users should contact Yokogawa for assistance.
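As an added example (not from Yokogawa or the original article), the following Python script triages an asset inventory against the revision ranges listed above and returns the mitigation this page gives for each station. The CSV layout, the hostnames, and the assumption that a patched R7 station reports its revision as R7.01.10 are illustrative.

```python
import csv
import io
import re

# Ranges and actions taken from the Patch Status section of this page.
ADVISED = [
    ((5, 1, 0), (5, 4, 20), "switch to Windows Authentication Mode"),
    ((6, 1, 0), (6, 12, 0), "switch to Windows Authentication Mode"),
    ((7, 1, 0), (7, 1, 0), "apply patch software R7.01.10"),
]
REV = re.compile(r"^R(\d+)\.(\d{2})\.(\d{2})$")

def parse_revision(text):
    """Turn 'R6.12.00' into (6, 12, 0); return None if malformed."""
    m = REV.match(text.strip().upper())
    return tuple(int(p) for p in m.groups()) if m else None

def triage(revision):
    """Return (status, action) for one CENTUM VP revision string."""
    rev = parse_revision(revision)
    if rev is None:
        return ("unknown", "revision unreadable, check the station manually")
    for low, high, action in ADVISED:
        if low <= rev <= high:
            return ("affected", action)
    # Assumption: a station with the patch software applied reports R7.01.10.
    if rev == (7, 1, 10):
        return ("patched", "none, patch software already applied")
    return ("unlisted", "revision not in the ranges on this page, confirm with Yokogawa")

def triage_inventory(csv_text):
    """Map each host in a 'host,revision' CSV to its triage result."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["host"]: triage(r["revision"]) for r in rows}

# Constructed sample inventory (hostnames and column layout are assumptions).
SAMPLE = """host,revision
his-0101,R5.04.20
his-0102,R6.12.00
his-0103,R7.01.00
his-0104,R7.01.10
his-0105,R6.12.10
his-0106,6.09
"""

if __name__ == "__main__":
    for host, (status, action) in triage_inventory(SAMPLE).items():
        print(f"{host}: {status} -> {action}")
```

Revisions that fall outside the listed ranges are reported as "unlisted" rather than assumed safe, so they are followed up with the vendor instead of being silently skipped.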
Immediate Actions
Organizations using the affected versions of Yokogawa CENTUM VP should:
- Implement the recommended changes to user authentication modes.
- Ensure that no control systems are directly accessible from the internet, minimizing network exposure.
- Use secure methods for remote access, such as VPNs, while keeping them updated.
Conclusion
This vulnerability highlights the importance of secure authentication practices in industrial control systems. By addressing such vulnerabilities proactively, organizations can better protect their critical infrastructure from potential threats.