
Positive Technologies helped Yokogawa address six vulnerabilities affecting CENTUM VP

Yokogawa Electric Corporation thanked Positive Technologies researchers Dmitry Sklyar and Demid Uzenkov for identifying six vulnerabilities in the codebase of CENTUM VP, Yokogawa's distributed control system (DCS). If exploited, the security flaws could disrupt industrial operations and potentially cause production shutdowns. The vendor was notified through responsible disclosure and issued an update to fix the vulnerabilities.

The VP series represents the newest generation of the CENTUM product line. Over the past 50 years, CENTUM distributed control systems have been installed at more than 30,000 industrial sites, including in the energy, oil and gas, and food sectors. The solution is exported to at least 100 countries worldwide.
 

The vulnerabilities, tracked as PT-2026-7964 through PT-2026-7969 [1] (CVE-2025-1924, CVE-2025-48019 through CVE-2025-48023; BDU: 2025-02823, BDU: 2025-08836 through BDU: 2025-08840), received a CVSS v4.0 score of 6.0 out of 10. The issues affect CENTUM VP R6 and R7 systems that include the Vnet/IP software package version R1.07.00 or earlier. Vulnerable code was used on both control servers and the programmable logic controllers that are part of the system.

The most critical vulnerabilities could allow an attacker to run arbitrary code with maximum privileges. With control of the compromised host, the attacker could perform lateral movement, interfere with industrial processes, or even halt production lines.

Other vulnerabilities could be exploited to trigger a denial of service in CENTUM VP. This could temporarily prevent the system from controlling the process, potentially resulting in equipment failures and defective output. Recovery could require a controller reboot or a prolonged manual restart of server-side processes.

[1] The vulnerabilities are registered on the dbugs portal, which aggregates data on vulnerabilities in software and hardware from vendors around the world.

"To exploit these issues, an attacker would first need access to the industrial network. Although organizations typically isolate OT from the corporate network, we still see cases where industrial control systems and operator workstations are reachable from the office network. Exploitation was also simplified by the fact that none of the vulnerabilities required authentication. After taking control of CENTUM VP, an attacker could potentially manipulate the production process for months without detection, degrading product quality. Over time, that could cause significant reputational and financial damage to the organization."

Dmitry Sklyar, Head of ICS Security Assessment at Positive Technologies

Because the vulnerabilities affect a critical system component, organizations that use Vnet/IP within their distributed control systems should upgrade to Vnet/IP R1.08.00 as quickly as possible. To further reduce risk, isolate OT network segments to the maximum extent feasible and enable continuous security monitoring with dedicated tools and antivirus protection.

This is not the first time Positive Technologies has supported Yokogawa in strengthening product security. In 2023, Positive Technologies researcher Denis Alimov discovered vulnerability PT-2023-2121 (CVE-2023-26593, BDU: 2023-01858), which affected multiple generations of CENTUM systems, including CENTUM CS 1000, CENTUM CS 3000, and CENTUM VP R4 through R6. If exploited, the vulnerability could allow an attacker to manipulate the industrial process. Previously, in 2020, Natalya Pokidova and Ivan Kurnakov helped remediate vulnerabilities PT-2020-3923 (CVE-2020-5608, BDU: 2020-04316) and PT-2020-3924 (CVE-2020-5609, BDU: 2020-04317) in the CAMS for HIS component, which manages alarm messages and events in Yokogawa's distributed control system.

To detect exploitation attempts targeting industrial control systems, organizations can use PT Industrial Security Incident Manager (PT ISIM), an industrial cyber resilience platform that includes an antivirus module powered by proprietary technology from Positive Technologies. Advanced NTA/NDR systems, such as PT Network Attack Discovery (PT NAD), can also identify exploitation attempts.

For up-to-date security information, visit the dbugs portal, which aggregates vulnerability data and vendor recommendations for software and hardware from vendors around the world.