Global   
Ripple20
Public announcement of Yokogawa’s products

Security Information: Vulnerabilities “Ripple20”

Last Updated: January 20, 2021

Overview

Vulnerabilities that are called “Ripple20” in Treck TCP/IP stack software has been reported. Yokogawa is investigating the impact to Yokogawa products about the vulnerabilities. When Yokogawa discovers the affected Yokogawa product, Yokogawa will provide detail information in Yokogawa Security Advisory Report (YSAR) in accordance with our Vulnerabilities Handling Policy.

 

Yokogawa Security Advisory Report
http://cdn40.1421agencies.com/library/resources/white-papers/yokogawa-security-advisory-report-list/

 

The Yokogawa Group Vulnerability Handling Policy
http://cdn40.1421agencies.com/eu/solutions/products-platforms/announcements/vulpolicy/

 

Yokogawa strongly recommends all customers to establish and maintain a full security program, not only for the Vulnerabilities. Security program components are: Patch updates, Anti-virus, 备份和恢复, zoning, hardening, whitelisting, firewall, etc. Yokogawa can assist in setting up and running the security program continuously. For considering the most effective risk mitigation plan, 作为起点, Yokogawa can perform a security risk assessment.

 

Impact on Yokogawa Products

DELL computers provided as Yokogawa system components

Following are the products that would be affected by this vulnerability. We prepared fixed firmware for this vulnerability. Please contact us. 

Classification

Model

Global PC

YG1SY01-XXW1016E-0
YG1SY01-XXW1016E-1
YG2SY02-XXW1016E-0
YG2SY02-XXW1016E-1

 

Reference Site

CERT/CC Vulnerability Note VU#257161
http://www.kb.cert.org/vuls/id/257161

 

ICS Advisory (ICSA-20-168-01)
http://www.us-cert.gov/ics/advisories/icsa-20-168-01

Looking for more information on our people, technology and solutions?

Contact Us
Top