PatchSiren cyber security CVE debrief
CVE-2025-48019 Yokogawa Electric Corporation CVE debrief
CVE-2025-48019 affects Yokogawa CENTUM VP R6/R7 Vnet/IP Interface Package versions up to R1.07.00. According to the CISA CSAF advisory, maliciously crafted packets can terminate the Vnet/IP software stack process, creating an availability impact; Yokogawa recommends updating to patch software R1.08.00.
- Vendor
- Yokogawa Electric Corporation
- Product
- Yokogawa Vnet/IP Interface Package for CENTUM VP R6 (VP6C3300) <=R1.07.00 Vnet/IP Interface Package for CENTUM VP R7 (VP7C3300)
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-26
- Original CVE updated
- 2026-02-26
- Advisory published
- 2026-02-26
- Advisory updated
- 2026-02-26
Who should care
OT operators, plant engineers, and security teams responsible for Yokogawa CENTUM VP R6/R7 deployments, especially systems using the Vnet/IP Interface Package (VP6C3300 or VP7C3300) at or below R1.07.00. Network teams managing OT segmentation and anyone monitoring process availability in the control environment should also pay attention.
Technical summary
The advisory describes a packet-driven denial-of-service condition affecting the Vnet/IP software stack process. The supplied CVSS vector (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) indicates an adjacent-network attack with high complexity, no privileges, and no user interaction, resulting in availability impact only. CISA’s record and Yokogawa’s remediation both point to patch software R1.08.00 as the corrective update.
Defensive priority
Medium priority overall, but higher in environments where Vnet/IP traffic is reachable from less-trusted adjacent networks or where a process crash could disrupt operations. Treat as a timely OT patching and segmentation task rather than a routine low-severity item.
Recommended defensive actions
- Apply Yokogawa patch software R1.08.00 for the affected Vnet/IP Interface Package versions.
- Confirm whether any CENTUM VP R6/R7 installations use VP6C3300 or VP7C3300 at or below R1.07.00.
- Restrict and segment Vnet/IP traffic so only trusted OT paths can reach the affected stack.
- Monitor for unexpected Vnet/IP process termination or related service interruptions on affected assets.
- Consult Yokogawa advisory YSAR-26-0002 and coordinate with the local supporting office if patching requires operational planning.
Evidence notes
The source CSAF advisory titled "Yokogawa CENTUM VP R6, R7" states: "If the affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated." The advisory’s remediation section recommends patch software R1.08.00. The supplied CVSS vector is AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H, which supports an adjacent-network availability issue. Publication and modification dates in the source and timeline are both 2026-02-26T07:00:00.000Z. No KEV entry was supplied.
Official resources
-
CVE-2025-48019 CVE record
CVE.org
-
CVE-2025-48019 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
CISA CSAF advisory ICSA-26-057-09 (republished from YSAR-26-0002) was published and modified on 2026-02-26T07:00:00.000Z. The supplied enrichment does not list this CVE in CISA KEV.