According to the YSAR-14-0005E (SSLv3 protocol vulnerability of decrypting the encrypted data in YOKOGAWA products), SMARTDAC+ GX10/GX20, GP10/GP20, and GM10 are affected by SSLv3 protocol vulnerability. How do I protect the product from the vulnerability

The POODLE attack (Padding Oracle On Downgraded Legacy Encryption) which abused the vulnerability of SSLv3 protocol has become a recent topic. Since the SSL communication has been supported from the release number 2 of SMARTDAC+ series, the following products and the firmware versions are affected.

  • GX10/GX20, GP10/GP20 (from R2.01.01 to R2.02.01)
  • GM10 (R2.02.01)

However, the SMARTDAC+ series can provide encryption connection via the TLS communication strengthened more against vulnerability. Apply the following countermeasures.

  1. Web functions (Server)
    Disable SSL 3.0 in web browser before connection.
  2. FTPS (Server and Client)
    When using as a client: Disable SSL 3.0 on the server side before connection.
    When using as a server: Disable SSL 3.0 on the client side before connection.
  3. Mail functions (Client)

     

Related Products & Solutions

  • Modular GM10

    For industrial and lab applications, the GM10 offers Bluetooth wireless connection and modular I/O that offers accurate and reliable measurements.

    See More
  • Touch Screen GP10/GP20

    SMARTDAC+TM GP10/GP20 is a paperless recorder that provides intuitive, human-centric design, web-enabled functionality, and scalable architecture.

    See More
  • Touch Screen Paperless Recorder GX10/GX20

    The SMARTDAC+TM GX10/GX20 is a panel mount paperless recorder with a modular architecture on the back panel and has a data logging function to acquire the required data. By supporting not only I/O but also many communication protocols, you can connect to various devices. GX utilizes AI. Supporting FDA 21 CFR Part11 and AMS2750E/NADCAP.

    See More

Top