Yokogawa Recorders Vulnerable to Attack Due to Insecure Default Settings

Yokogawa Electric Corporation has issued a security advisory warning of a critical vulnerability affecting several of its industrial recorder products. Tracked as CVE-2025-1863, this flaw allows unauthenticated attackers to manipulate key settings and measurement data if devices are left in their default configuration.

Disclosed in Yokogawa Security Advisory Report YSAR-25-0001, this vulnerability stems from insecure factory default settings in multiple product lines, where the authentication function is disabled by default.

“When connected to a network with default settings, anyone can access all functions related to settings and operations,” the report warns.

The vulnerability has been assigned CVE-2025-1863 and rated CVSS v3 base score 9.8, signaling critical severity. It maps to CWE-1188: Initialization of a Resource with an Insecure Default, which highlights the systemic risks of deploying devices without secure configurations.

The vulnerability was responsibly disclosed by Souvik Kandar of MicroSec (Microsec.io).

The following Yokogawa product lines are impacted:

• GX10 / GX20 / GP10 / GP20 Paperless Recorders (R5.04.01 or earlier)
• GM Data Acquisition System (R5.05.01 or earlier)
• DX1000 / DX2000 / DX1000N / DX1000T / DX2000T Paperless Recorders (up to R4.21 and all versions)
• FX1000 Paperless Recorders (R1.31 or earlier)
• μR10000 / μR20000 Chart Recorders (R1.51 or earlier)
• MW100 Data Acquisition Units (all versions)
• CX1000 / CX2000 Paperless Recorders (all versions)

If left in their default state, these devices allow full network access to their administrative functions—no login required. An attacker could:

• Change device settings
• Tamper with measurement data
• Disrupt monitoring operations

Given the typical deployment of these devices in industrial and critical infrastructure environments, the risk extends to operational disruption and potential safety hazards.

Yokogawa advises the following steps to secure affected systems:

1. Enable the authentication function (login).
2. Change default passwords immediately after enabling authentication.
3. Implement a broader security program covering:
   • Patch management
   • Zoning and firewall configurations
   • Antivirus, backup, and recovery
   • Whitelisting and system hardening

Related Posts:

• Dahua Technology Addresses Vulnerabilities in Network Video Recorders and IP Cameras

About The Author

Ddos

Ddos is a seasoned news reporter, bringing over a decade of expertise to the forefront of cyber security and technology reporting. My work provides timely and insightful analysis of emerging trends and critical developments in these rapidly evolving sectors.

See author's posts