PatchSiren cyber security CVE debrief
CVE-2024-8110 Yokogawa Electric Corporation CVE debrief
CVE-2024-8110 is a HIGH severity vulnerability (CVSS 7.5) in Yokogawa's Dual-redundant Platform for Computer (PC2CKM), published on September 17, 2024. The issue stems from improper handling of UDP broadcast traffic: when an affected system receives a large volume of UDP broadcast packets in a short timeframe, it may restart unexpectedly. In a dual-redundant configuration both the active and the standby computer receive the same broadcast burst, so both can restart at the same time and the redundancy that is supposed to mask a single failure provides no protection; the result is a temporary loss of functionality, a significant availability impact for industrial control environments. The vulnerability affects PC2CKM versions from R1.01.00 through versions prior to R2.03.00. The CVSS vector is network-based with low complexity and requires no privileges or user interaction: any host, or any misbehaving device, that can place UDP broadcast traffic on the segment where PC2CKM sits can trigger the condition without credentials. Broadcast traffic normally stays inside its layer-2 broadcast domain (routers do not forward limited broadcasts by default), which is why segmentation is an effective mitigation. This is particularly concerning for OT/ICS environments where high availability is critical. Yokogawa has released a patched version (R2.03.10) to address this issue.
- Vendor: Yokogawa Electric Corporation
- Product: Dual-redundant Platform for Computer (PC2CKM)
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-09-17
- Original CVE updated: 2024-09-17
- Advisory published: 2024-09-17
- Advisory updated: 2024-09-17
Who should care
Organizations operating Yokogawa PC2CKM dual-redundant platforms in industrial control or critical infrastructure environments, particularly those with high-availability requirements. ICS security teams, OT network administrators, and asset owners in process industries (oil & gas, chemicals, power generation) using Yokogawa distributed control systems should prioritize this patch.
Technical summary
The vulnerability exists in the handling of UDP broadcast packets by the PC2CKM network stack. A flood of such packets in a short period causes the system to become unstable and restart. Because broadcast datagrams are delivered to every host in the broadcast domain, the active and standby units of a redundant pair receive the same flood and can restart simultaneously, producing a temporary service outage instead of a failover. The CVSS 3.1 score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) reflects high availability impact (A:H) with no confidentiality or integrity impact, network accessibility, and no authentication or user interaction required.
Defensive priority
HIGH
Recommended defensive actions
- Update affected PC2CKM systems to version R2.03.10 or later
- Segment the network so that PC2CKM nodes sit in a dedicated broadcast domain (VLAN) together with only the devices that need to reach them; because routers do not forward limited broadcasts by default, this keeps broadcast floods originating on other segments away from the platform. Where the switches support it, enable broadcast storm control or rate limiting on the ports feeding the PC2CKM nodes
- Monitor UDP broadcast traffic on the OT segment and alert on bursts well above the measured baseline (many datagrams per second from a single source), as a potential indicator of an exploitation attempt or of a misconfigured device that could trigger the same restart
- Contact Yokogawa for additional guidance on deployment and configuration of the security update
- Review and apply CISA ICS recommended practices for defense-in-depth strategies in industrial control environments
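The burst pattern described in the technical summary, and the monitoring action above, as an added example that is not part of this debrief, of the CISA advisory, or of Yokogawa's product: a sliding-window detector that counts UDP broadcast datagrams per source and raises an alert when a source crosses a threshold within the window, while ignoring unicast UDP at the same rate. The subnet, window, threshold and packet records are constructed assumptions for illustration; a real threshold should be set from the segment's measured baseline, which `peak_broadcast_rate` computes.

```python
"""Sliding-window detector for UDP broadcast bursts.

Added example for this debrief; not PC2CKM code and not Yokogawa's or CISA's
detection logic. Subnet, window, threshold and sample packets are constructed
assumptions for illustration.
"""
from collections import deque
from dataclasses import dataclass
import ipaddress

# Assumption: the OT segment hosting the PC2CKM pair (documentation range).
OT_SUBNET = ipaddress.ip_network("192.0.2.0/24")
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


@dataclass(frozen=True)
class Packet:
    ts: float   # capture timestamp in seconds
    src: str    # source IPv4 address
    dst: str    # destination IPv4 address
    proto: str  # "udp", "tcp", ...


def is_broadcast(dst: str, subnet: ipaddress.IPv4Network = OT_SUBNET) -> bool:
    """True for the limited broadcast or the subnet-directed broadcast address."""
    addr = ipaddress.ip_address(dst)
    return addr == LIMITED_BROADCAST or addr == subnet.broadcast_address


def _windowed_counts(packets, window_s, subnet):
    """Yield (src, window_start, count) after each UDP broadcast datagram."""
    windows = {}  # src -> deque of timestamps inside the current window
    for p in sorted(packets, key=lambda p: p.ts):
        if p.proto != "udp" or not is_broadcast(p.dst, subnet):
            continue  # unicast/multicast traffic does not matter for this condition
        q = windows.setdefault(p.src, deque())
        q.append(p.ts)
        while p.ts - q[0] > window_s:  # drop timestamps that fell out of the window
            q.popleft()
        yield p.src, q[0], len(q)


def peak_broadcast_rate(packets, window_s=1.0, subnet=OT_SUBNET):
    """Highest number of UDP broadcast datagrams per source inside any window.

    Use this on a quiet capture to establish the baseline a threshold is chosen from.
    """
    peaks = {}
    for src, _start, count in _windowed_counts(packets, window_s, subnet):
        peaks[src] = max(peaks.get(src, 0), count)
    return peaks


def detect_udp_broadcast_bursts(packets, window_s=1.0, threshold=200, subnet=OT_SUBNET):
    """Return one (src, window_start, count) alert per source per burst.

    threshold=200 is an assumed illustrative value, not a figure from the advisory.
    """
    alerts, in_burst = [], set()
    for src, start, count in _windowed_counts(packets, window_s, subnet):
        if count >= threshold:
            if src not in in_burst:  # first crossing of the threshold for this burst
                alerts.append((src, start, count))
                in_burst.add(src)
        else:
            in_burst.discard(src)  # rate dropped back; a later burst alerts again
    return alerts


def sample_packets():
    """Constructed capture: normal chatter, one broadcast flood, one unicast flood."""
    pkts = []
    # Benign: one subnet-directed broadcast every 0.5 s from a field device.
    for i in range(20):
        pkts.append(Packet(i * 0.5, "192.0.2.10", "192.0.2.255", "udp"))
    # Flood: 500 limited-broadcast datagrams in 0.25 s from a single host.
    for i in range(500):
        pkts.append(Packet(5.0 + i * 0.0005, "192.0.2.77", "255.255.255.255", "udp"))
    # High-rate UDP unicast: must not trip a broadcast-specific detector.
    for i in range(500):
        pkts.append(Packet(5.0 + i * 0.0005, "192.0.2.78", "192.0.2.20", "udp"))
    return pkts


if __name__ == "__main__":
    pkts = sample_packets()
    print("peak broadcasts per 1 s window:", peak_broadcast_rate(pkts))
    for src, start, count in detect_udp_broadcast_bursts(pkts):
        print(f"ALERT {src}: {count} UDP broadcast datagrams within 1 s from t={start:.3f}")
```

In practice the `Packet` records would come from a span-port capture or a flow log on the OT segment; the detector keys on the source so that a single chattering device is distinguished from a segment-wide storm, and it alerts once per burst rather than on every datagram above the threshold.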
Evidence notes
Vulnerability details sourced from CISA ICS advisory ICSA-24-261-03. Affected product versions confirmed as PC2CKM R1.01.00 through R2.03.00 (exclusive). CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H confirms network-based, unauthenticated denial-of-service condition. Remediation guidance explicitly recommends update to R2.03.10.
Official resources
- CVE-2024-8110 CVE record (CVE.org)
- CVE-2024-8110 NVD detail (NVD)
- Source item: cisa_csaf (CISA ICS advisory ICSA-24-261-03)