Last Updated: January 20, 2021
Overview
Vulnerabilities that are called “Ripple20” in Treck TCP/IP stack software has been reported. Yokogawa is investigating the impact to Yokogawa products about the vulnerabilities. When Yokogawa discovers the affected Yokogawa product, Yokogawa will provide detail information in Yokogawa Security Advisory Report (YSAR) in accordance with our Vulnerabilities Handling Policy.
Yokogawa Security Advisory Report
https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/
The Yokogawa Group Vulnerability Handling Policy
https://www.yokogawa.com/eu/solutions/products-platforms/announcements/vulpolicy/
Yokogawa strongly recommends all customers to establish and maintain a full security program, not only for the Vulnerabilities. Security program components are: Patch updates, Anti-virus, Backup and recovery, zoning, hardening, whitelisting, firewall, etc. Yokogawa can assist in setting up and running the security program continuously. For considering the most effective risk mitigation plan, as a starting point, Yokogawa can perform a security risk assessment.
Impact on Yokogawa Products
DELL computers provided as Yokogawa system components
Following are the products that would be affected by this vulnerability. We prepared fixed firmware for this vulnerability. Please contact us.
Classification |
Model |
---|---|
Global PC |
YG1SY01-XXW1016E-0 |
Reference Site
CERT/CC Vulnerability Note VU#257161
https://www.kb.cert.org/vuls/id/257161
ICS Advisory (ICSA-20-168-01)
https://www.us-cert.gov/ics/advisories/icsa-20-168-01
Looking for more information on our people, technology and solutions?
Contact Us