CVE-2018-17898 in STARDOM Controller

Summary

by MITRE

Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The controller application fails to prevent memory exhaustion by unauthorized requests. This could allow an attacker to cause the controller to become unstable.


Analysis

by VulDB Data Team • 04/02/2020

The vulnerability identified as CVE-2018-17898 affects Yokogawa STARDOM Controllers, including models FCJ, FCN-100, FCN-RTU, and FCN-500, across all versions up to and including R4.10. This represents a critical memory exhaustion flaw that fundamentally compromises the stability and operational integrity of industrial control systems. The affected controllers are widely deployed in critical infrastructure environments where reliability and continuous operation are paramount for safety and process control.

This vulnerability stems from insufficient input validation and memory management within the controller application's request handling mechanisms. The flaw allows unauthorized entities to submit crafted requests that consume excessive system memory resources without proper bounds checking or rate limiting controls. The absence of adequate memory allocation limits means that malicious or malformed requests can continuously deplete available memory resources, leading to system instability and potential complete system failure. The technical implementation lacks proper resource throttling and request validation that would normally prevent such exhaustion attacks from succeeding.

The operational impact of this vulnerability extends beyond simple service disruption to potentially dangerous safety implications in industrial environments. When the controller becomes unstable due to memory exhaustion, it may fail to properly execute control functions, leading to process failures, safety system malfunctions, or complete operational shutdowns. This is particularly concerning in manufacturing facilities, power generation plants, or other critical infrastructure where these controllers manage essential processes. The vulnerability creates an attack surface that could be exploited by threat actors to cause significant operational disruption and potentially safety hazards, especially when combined with other attack vectors in the industrial control system environment.

From a cybersecurity perspective, this vulnerability aligns with CWE-400, which specifically addresses "Uncontrolled Resource Consumption" and represents a classic denial of service scenario that can be amplified in industrial settings. The ATT&CK framework categorizes this under privilege escalation and denial of service tactics, where adversaries can leverage such weaknesses to gain persistent access or cause operational degradation. Organizations should implement immediate mitigations, including network segmentation to isolate affected controllers, deployment of intrusion detection systems to monitor for anomalous request patterns, and application-level rate limiting to prevent memory exhaustion attacks. Additionally, regular firmware updates from Yokogawa should be implemented as part of the security maintenance program to address this vulnerability and prevent exploitation attempts that could lead to significant operational consequences in critical infrastructure environments.

Reservation

10/02/2018

Disclosure

10/12/2018

Moderation

accepted

CPE

ready

EPSS

0.00283

KEV

no

Activities

very low

Sources
