Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-48021

Summary
Assigner-YokogawaGroup
Assigner Org ID-7168b535-132a-4efe-a076-338f829b2eb9
Published At-13 Feb, 2026 | 04:56
Updated At-13 Feb, 2026 | 12:54
Rejected At-
Credits

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:YokogawaGroup
Assigner Org ID:7168b535-132a-4efe-a076-338f829b2eb9
Published At:13 Feb, 2026 | 04:56
Updated At:13 Feb, 2026 | 12:54
Rejected At:
â–¼CVE Numbering Authority (CNA)

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier

Affected Products
Vendor
Yokogawa Electric Corporation
Product
Vnet/IP Interface Package
Default Status
unknown
Versions
Affected
  • R1.07.00 or earlier (custom)
Problem Types
TypeCWE IDDescription
CWECWE-191CWE-191 Integer Underflow (Wrap or Wraparound)
Type: CWE
CWE ID: CWE-191
Description: CWE-191 Integer Underflow (Wrap or Wraparound)
Metrics
VersionBase scoreBase severityVector
4.06.0MEDIUM
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 6.0
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://web-material3.yokogawa.com/1/39281/files/YSAR-26-0002-E.pdf
N/A
Hyperlink: https://web-material3.yokogawa.com/1/39281/files/YSAR-26-0002-E.pdf
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:7168b535-132a-4efe-a076-338f829b2eb9
Published At:13 Feb, 2026 | 06:16
Updated At:02 Mar, 2026 | 15:33

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.06.0MEDIUM
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.16.5MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 4.0
Base score: 6.0
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
yokogawa
yokogawa
>>vnet\/ip_interface_package>>Versions before r1.08.00(exclusive)
cpe:2.3:a:yokogawa:vnet\/ip_interface_package:*:*:*:*:*:*:*:*
yokogawa
yokogawa
>>centum_vp>>Versions up to r6.11.10(inclusive)
cpe:2.3:a:yokogawa:centum_vp:*:*:*:*:-:*:*:*
yokogawa
yokogawa
>>centum_vp>>r7.01.10
cpe:2.3:a:yokogawa:centum_vp:r7.01.10:*:*:*:-:*:*:*
Weaknesses
CWE IDTypeSource
CWE-191Secondary7168b535-132a-4efe-a076-338f829b2eb9
CWE ID: CWE-191
Type: Secondary
Source: 7168b535-132a-4efe-a076-338f829b2eb9
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://web-material3.yokogawa.com/1/39281/files/YSAR-26-0002-E.pdf7168b535-132a-4efe-a076-338f829b2eb9
Vendor Advisory
Hyperlink: https://web-material3.yokogawa.com/1/39281/files/YSAR-26-0002-E.pdf
Source: 7168b535-132a-4efe-a076-338f829b2eb9
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

8Records found
CVE-2025-48023
Matching Score-8
Assigner-Yokogawa Group
ShareView Details
Matching Score-8
Assigner-Yokogawa Group
CVSS Score-6||MEDIUM
EPSS-0.01% / 1.05%
||
7 Day CHG~0.00%
Published-13 Feb, 2026 | 05:00
Updated-02 Mar, 2026 | 15:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier

Action-Not Available
Vendor-yokogawaYokogawa Electric Corporation
Product-centum_vpvnet\/ip_interface_packageVnet/IP Interface Package
CWE ID-CWE-617
Reachable Assertion
CVE-2025-48020
Matching Score-8
Assigner-Yokogawa Group
ShareView Details
Matching Score-8
Assigner-Yokogawa Group
CVSS Score-6||MEDIUM
EPSS-0.00% / 0.14%
||
7 Day CHG~0.00%
Published-13 Feb, 2026 | 04:54
Updated-02 Mar, 2026 | 15:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier

Action-Not Available
Vendor-yokogawaYokogawa Electric Corporation
Product-centum_vpvnet\/ip_interface_packageVnet/IP Interface Package
CWE ID-CWE-617
Reachable Assertion
CVE-2025-48019
Matching Score-8
Assigner-Yokogawa Group
ShareView Details
Matching Score-8
Assigner-Yokogawa Group
CVSS Score-6||MEDIUM
EPSS-0.00% / 0.14%
||
7 Day CHG~0.00%
Published-13 Feb, 2026 | 04:51
Updated-02 Mar, 2026 | 15:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier

Action-Not Available
Vendor-yokogawaYokogawa Electric Corporation
Product-centum_vpvnet\/ip_interface_packageVnet/IP Interface Package
CWE ID-CWE-617
Reachable Assertion
CVE-2025-48022
Matching Score-8
Assigner-Yokogawa Group
ShareView Details
Matching Score-8
Assigner-Yokogawa Group
CVSS Score-6||MEDIUM
EPSS-0.01% / 1.05%
||
7 Day CHG~0.00%
Published-13 Feb, 2026 | 04:58
Updated-02 Mar, 2026 | 15:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier

Action-Not Available
Vendor-yokogawaYokogawa Electric Corporation
Product-centum_vpvnet\/ip_interface_packageVnet/IP Interface Package
CWE ID-CWE-130
Improper Handling of Length Parameter Inconsistency
CVE-2025-1924
Matching Score-6
Assigner-Yokogawa Group
ShareView Details
Matching Score-6
Assigner-Yokogawa Group
CVSS Score-6||MEDIUM
EPSS-0.00% / 0.13%
||
7 Day CHG~0.00%
Published-13 Feb, 2026 | 04:46
Updated-02 Mar, 2026 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receive maliciously crafted packets, a DoS attack may cause Vnet/IP communication functions to stop or arbitrary programs to be executed. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier

Action-Not Available
Vendor-yokogawaYokogawa Electric Corporation
Product-centum_vpvnet\/ip_interface_packageVnet/IP Interface Package
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-7423
Matching Score-4
Assigner-Amazon
ShareView Details
Matching Score-4
Assigner-Amazon
CVSS Score-6||MEDIUM
EPSS-0.02% / 5.48%
||
7 Day CHG~0.00%
Published-29 Apr, 2026 | 18:36
Updated-04 May, 2026 | 13:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Underflow in ICMP Echo Reply Processing in FreeRTOS-Plus-TCP

Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without validating the field is large enough, resulting in a heap out-of-bounds read of up to approximately 65KB. To mitigate this issue, users should upgrade to the fixed version when available.

Action-Not Available
Vendor-amazonAWS
Product-freertos-plus-tcpFreeRTOS-Plus-TCP
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2024-3077
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-6.8||MEDIUM
EPSS-0.15% / 34.81%
||
7 Day CHG~0.00%
Published-29 Mar, 2024 | 05:06
Updated-23 Jan, 2025 | 19:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bluetooth: integer underflow in gatt_find_info_rsp

An malicious BLE device can crash BLE victim device by sending malformed gatt packet

Action-Not Available
Vendor-Zephyr Project
Product-zephyrZephyr
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2024-6258
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-6.8||MEDIUM
EPSS-0.17% / 38.00%
||
7 Day CHG~0.00%
Published-13 Sep, 2024 | 19:05
Updated-17 Sep, 2025 | 06:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BT: Missing length checks of net_buf in rfcomm_handle_data

BT: Missing length checks of net_buf in rfcomm_handle_data

Action-Not Available
Vendor-Zephyr Project
Product-zephyrZephyrzephyr
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
Details not found