PatchSiren cyber security CVE debrief
CVE-2025-48021 Yokogawa Electric Corporation CVE debrief
CVE-2025-48021 is a medium-severity availability issue in Yokogawa CENTUM VP R6 and R7 Vnet/IP Interface Package products. According to CISA’s advisory, maliciously crafted packets can cause the Vnet/IP software stack process to terminate. Yokogawa recommends applying the patch software release R1.08.00.
- Vendor
- Yokogawa Electric Corporation
- Product
- Yokogawa Vnet/IP Interface Package for CENTUM VP R6 (VP6C3300) <=R1.07.00 Vnet/IP Interface Package for CENTUM VP R7 (VP7C3300)
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-26
- Original CVE updated
- 2026-02-26
- Advisory published
- 2026-02-26
- Advisory updated
- 2026-02-26
Who should care
Operators and administrators responsible for Yokogawa CENTUM VP environments, especially systems using the Vnet/IP Interface Package for CENTUM VP R6 (VP6C3300) up to R1.07.00 and CENTUM VP R7 (VP7C3300). Industrial control system teams should prioritize validation, patch planning, and operational monitoring.
Technical summary
The advisory describes an availability-impacting condition where receipt of maliciously crafted packets may terminate the Vnet/IP software stack process. The supplied CVSS 3.1 vector is AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H, which aligns with an adjacent-network, high-complexity denial-of-service style impact focused on availability. The source corpus does not provide exploit details beyond the packet-triggered process termination.
Defensive priority
High for affected OT environments that rely on Vnet/IP connectivity, because a process termination could disrupt industrial communications and availability. Priority should be to confirm product/version exposure and plan remediation during an approved maintenance window.
Recommended defensive actions
- Confirm whether any CENTUM VP R6 or R7 hosts are running the affected Vnet/IP Interface Package versions identified in the advisory.
- Apply Yokogawa’s recommended patch software release R1.08.00 where operationally feasible.
- Coordinate patching through your OT change-management process and validate recovery procedures before deployment.
- If immediate patching is not possible, contact the local Yokogawa supporting office and follow the vendor advisory for mitigation guidance.
- Monitor affected systems for unexpected Vnet/IP stack process termination or communication interruptions after exposure to malformed traffic.
Evidence notes
The source advisory states: “If the affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated.” It also lists the remediation “Yokogawa recommends users apply patch software (R1.08.00).” The provided CVSS vector is CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H, supporting an availability-focused issue with adjacent attack requirements. Published and modified timestamps supplied in the corpus are 2026-02-26T07:00:00.000Z.
Official resources
-
CVE-2025-48021 CVE record
CVE.org
-
CVE-2025-48021 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
CISA’s advisory and the supplied CVE record were published on 2026-02-26T07:00:00.000Z.