PatchSiren cyber security CVE debrief
CVE-2025-1924 Yokogawa Electric Corporation CVE debrief
CVE-2025-1924 is an OT advisory for Yokogawa CENTUM VP environments using the Vnet/IP Interface Package. According to CISA’s CSAF advisory, maliciously crafted packets can cause a denial of service that stops Vnet/IP communication functions, and the advisory also warns that arbitrary programs may be executed. Yokogawa’s recommended fix is patch software R1.08.00.
- Vendor
- Yokogawa Electric Corporation
- Product
- Yokogawa Vnet/IP Interface Package for CENTUM VP R6 (VP6C3300) <=R1.07.00 Vnet/IP Interface Package for CENTUM VP R7 (VP7C3300)
- CVSS
- MEDIUM 6.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-26
- Original CVE updated
- 2026-02-26
- Advisory published
- 2026-02-26
- Advisory updated
- 2026-02-26
Who should care
Industrial control system operators, OT engineers, and site administrators running Yokogawa CENTUM VP R6 or R7 with the Vnet/IP Interface Package should review this advisory, especially if the interface package is reachable from adjacent network segments.
Technical summary
The supplied advisory describes a packet-handling flaw in the Vnet/IP Interface Package for CENTUM VP. If the affected product receives maliciously crafted packets, the result may be a denial of service affecting Vnet/IP communication functions; the advisory also states arbitrary programs may be executed. The published CVSS vector (AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H) indicates an adjacent-network attack with high availability impact and some integrity impact.
Defensive priority
High for OT networks where Vnet/IP communication availability is operationally critical. Even with an AC:H rating, disruption of communication functions can affect process monitoring and control, so patching and segmentation should be prioritized.
Recommended defensive actions
- Apply Yokogawa patch software R1.08.00 as recommended in the advisory.
- Confirm whether your environment uses the affected CENTUM VP R6 or R7 Vnet/IP Interface Package builds.
- Restrict adjacent-network access to the affected OT segment and reduce exposure of Vnet/IP communication paths.
- Monitor for unexpected crashes, communication interruptions, or abnormal packet-related instability on affected systems.
- Contact a local Yokogawa supporting office and follow the vendor advisory YSAR-26-0002 for implementation guidance.
Evidence notes
This debrief is based on the supplied CISA CSAF source for ICSA-26-057-09 (republishing YSAR-26-0002) and the accompanying official links. The source states that maliciously crafted packets can stop Vnet/IP communication functions or allow arbitrary programs to be executed, and that patch software R1.08.00 is the vendor-recommended mitigation. No KEV listing was provided in the supplied corpus.
Official resources
-
CVE-2025-1924 CVE record
CVE.org
-
CVE-2025-1924 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
CISA published the advisory on 2026-02-26 as ICSA-26-057-09, noting it as an initial republication of YSAR-26-0002. The CVE and advisory dates supplied in the corpus are 2026-02-26; no KEV date was provided.