These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2025-7741 affects Yokogawa CENTUM VP and involves a hardcoded password for the PROG account used in CENTUM Authentication Mode. The advisory says an attacker may be able to log in as PROG, but exploitation already requires access to the HIS screen controls. By default, PROG has S1 permission (equivalent to OFFUSER), which reduces the likelihood of critical operations or configuration changes. Risk inc [truncated]
CVE-2025-48023 is a medium-severity availability issue in Yokogawa CENTUM VP Vnet/IP interface packages. The CISA CSAF advisory republished on 2026-02-26 says maliciously crafted packets can terminate the Vnet/IP software stack process, which can disrupt affected OT communications. Yokogawa recommends upgrading to R1.08.00.
CVE-2025-48022 affects Yokogawa CENTUM VP R6 and R7 systems using the Vnet/IP Interface Package at versions up to R1.07.00. According to CISA’s advisory, maliciously crafted packets can terminate the Vnet/IP software stack process, creating an availability impact in an OT/ICS environment. The advisory was published on 2026-02-26 and maps to CVSS 3.1 5.3 (Medium).
CVE-2025-48021 is a medium-severity availability issue in Yokogawa CENTUM VP R6 and R7 Vnet/IP Interface Package products. According to CISA’s advisory, maliciously crafted packets can cause the Vnet/IP software stack process to terminate. Yokogawa recommends applying the patch software release R1.08.00.
CVE-2025-48020 affects Yokogawa CENTUM VP R6 and R7 Vnet/IP Interface Package versions up to R1.07.00. According to the advisory, maliciously crafted packets can terminate the Vnet/IP software stack process, creating an availability impact for affected OT environments. Yokogawa recommends upgrading to R1.08.00.
CVE-2025-48019 affects Yokogawa CENTUM VP R6/R7 Vnet/IP Interface Package versions up to R1.07.00. According to the CISA CSAF advisory, maliciously crafted packets can terminate the Vnet/IP software stack process, creating an availability impact; Yokogawa recommends updating to patch software R1.08.00.
CVE-2025-1924 is an OT advisory for Yokogawa CENTUM VP environments using the Vnet/IP Interface Package. According to CISA’s CSAF advisory, maliciously crafted packets can cause a denial of service that stops Vnet/IP communication functions, and the advisory also warns that arbitrary programs may be executed. Yokogawa’s recommended fix is patch software R1.08.00.
