CVE-2025-48019
CWE-617Published: February 13, 2026· Updated: Feb 13, 2026
Official Description
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation.
If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated.
The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier
Technical Analysis
CVE-2025-48019 requires adjacent network access, limiting remote exploitation but still posing risk in shared or local network environments.
The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.
CVSS v3.1 Vector Breakdown
Exploit & PoC Resources
News & Research Mentioning CVE-2025-48019
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to terminate the software stack process, cause a denial-of-service condition, or execute arbitrary code. The following versions of Yokogawa CENTUM VP R6, R7 are affected: Vnet/IP Interface Package for CENTUM VP R6 (VP6C3300) <=R1.07.00 (CVE-2025-1924, CVE-2025-48019, CVE-2025-48020, CVE-2025-48021, CVE-2025-48022, CVE-2025-48023) Vnet/IP Interface Package for CENTUM VP R7 (VP7C3300) <=R1.07.00 (CVE-2025-1924, CVE-2025-48019, CVE-2025-48020, CVE-2025-48021, CVE-2025-48022, CVE-2025-48023) CVSS Vendor Equipment Vulnerabilities v3 6.9 Yokogawa Yokogawa CENTUM VP R6, R7 Out-of-bounds Write, Reachable Assertion, Integer Underflow (Wrap or Wraparound), Improper Handl [xlite_meta score:69 src:CISA Alerts xlite_fp:0c6c369a414074af655dc1f03d1cfb7bddc3ddf88c47560e6cfb3c24cdbd1075]
All References (1)
Quick Facts
Known Threat Actors
Related CVEs (CWE-617)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2025-48019 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts