Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for REX640 PCL3 by ABB

    CVE-2023-2876 (GCVE-0-2023-2876)

    Vulnerability from nvd – Published: 2023-06-13 03:52 – Updated: 2025-01-03 02:00
    VLAI
    Title
    Session cookie exposure for client side script
    Summary
    Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).This issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1004 - Sensitive Cookie Without 'HttpOnly' Flag
    Assigner
    ABB
    Impacted products
    Vendor Product Version
    ABB REX640 PCL1 Affected: 1.0;0 , < 1.0.8 (firmware update)
    Create a notification for this product.
    ABB REX640 PCL2 Affected: 1.0;0 , < 1.1.4 (firwmare update)
    Create a notification for this product.
    ABB REX640 PCL3 Affected: 1.0;0 , < 1.2.1 (firwmare update)
    Create a notification for this product.
    Date Public
    2023-06-12 06:30
    Credits
    ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG's OT Cyber Security Lab for helping to identify the vulnerabilities and protecting our customers.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:33:06.232Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001423\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2876",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-03T01:58:48.969845Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-03T02:00:22.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "firmware"
              ],
              "product": "REX640 PCL1",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThan": "1.0.8",
                  "status": "affected",
                  "version": "1.0;0",
                  "versionType": "firmware update"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Firmware"
              ],
              "product": "REX640 PCL2",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThan": "1.1.4",
                  "status": "affected",
                  "version": "1.0;0",
                  "versionType": "firwmare update"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "firmware"
              ],
              "product": "REX640 PCL3",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThan": "1.2.1",
                  "status": "affected",
                  "version": "1.0;0",
                  "versionType": "firwmare update"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG\u0027s OT Cyber Security Lab for helping to identify the vulnerabilities and protecting our customers."
            }
          ],
          "datePublic": "2023-06-12T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Sensitive Cookie Without \u0027HttpOnly\u0027 Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).\u003cp\u003eThis issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.\u003c/p\u003e"
                }
              ],
              "value": "Sensitive Cookie Without \u0027HttpOnly\u0027 Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).This issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1004",
                  "description": "CWE-1004 Sensitive Cookie Without \u0027HttpOnly\u0027 Flag",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-13T03:52:12.002Z",
            "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
            "shortName": "ABB"
          },
          "references": [
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001423\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Session cookie exposure for client side script",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
        "assignerShortName": "ABB",
        "cveId": "CVE-2023-2876",
        "datePublished": "2023-06-13T03:52:12.002Z",
        "dateReserved": "2023-05-24T17:41:29.260Z",
        "dateUpdated": "2025-01-03T02:00:22.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1596 (GCVE-0-2022-1596)

    Vulnerability from nvd – Published: 2022-06-21 14:23 – Updated: 2024-09-16 23:11
    VLAI
    Title
    ABB Relion REX640 Insufficient file access control
    Summary
    Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node.
    CWE
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    ABB
    References
    Impacted products
    Vendor Product Version
    ABB REX640 PCL1 Affected: unspecified , ≤ 1.0.7 (custom)
    Create a notification for this product.
    ABB REX640 PCL2 Affected: unspecified , < 1.1.4 (custom)
    Create a notification for this product.
    ABB REX640 PCL3 Affected: unspecified , < 1.2.1 (custom)
    Create a notification for this product.
    Date Public
    2022-06-21 00:00
    Credits
    ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG's OT Cyber Security Lab for helping to identify the vulnerabilities and protecting our customers.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:10:03.785Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "REX640 PCL1",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.7",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "REX640 PCL2",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThan": "1.1.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "REX640 PCL3",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThan": "1.2.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG\u0027s OT Cyber Security Lab for helping to  identify the vulnerabilities and protecting our customers."
            }
          ],
          "datePublic": "2022-06-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-21T14:23:42.000Z",
            "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
            "shortName": "ABB"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "ABB Relion REX640 Insufficient file access control",
          "workarounds": [
            {
              "lang": "en",
              "value": "Although these workarounds will not correct the underlying vulnerability, they can help blocking known \nattack vectors. \n\u2022 Limit the HTTP(s) and FTP(S) to a local network by a firewall\n\u2022 Use a next generation (OSI layer 7) firewall for blocking the traffic to the userdb.xml file\n\u2022 Disable remote WHMI and FTP(S) and use local HMI only"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cybersecurity@ch.abb.com",
              "DATE_PUBLIC": "2022-06-21T12:22:00.000Z",
              "ID": "CVE-2022-1596",
              "STATE": "PUBLIC",
              "TITLE": "ABB Relion REX640 Insufficient file access control"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "REX640 PCL1",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "1.0.7"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "REX640 PCL2",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.1.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "REX640 PCL3",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ABB"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG\u0027s OT Cyber Security Lab for helping to  identify the vulnerabilities and protecting our customers."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-732 Incorrect Permission Assignment for Critical Resource"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421",
                  "refsource": "MISC",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "Although these workarounds will not correct the underlying vulnerability, they can help blocking known \nattack vectors. \n\u2022 Limit the HTTP(s) and FTP(S) to a local network by a firewall\n\u2022 Use a next generation (OSI layer 7) firewall for blocking the traffic to the userdb.xml file\n\u2022 Disable remote WHMI and FTP(S) and use local HMI only"
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
        "assignerShortName": "ABB",
        "cveId": "CVE-2022-1596",
        "datePublished": "2022-06-21T14:23:42.343Z",
        "dateReserved": "2022-05-05T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:11:43.087Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-2876 (GCVE-0-2023-2876)

    Vulnerability from cvelistv5 – Published: 2023-06-13 03:52 – Updated: 2025-01-03 02:00
    VLAI
    Title
    Session cookie exposure for client side script
    Summary
    Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).This issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1004 - Sensitive Cookie Without 'HttpOnly' Flag
    Assigner
    ABB
    Impacted products
    Vendor Product Version
    ABB REX640 PCL1 Affected: 1.0;0 , < 1.0.8 (firmware update)
    Create a notification for this product.
    ABB REX640 PCL2 Affected: 1.0;0 , < 1.1.4 (firwmare update)
    Create a notification for this product.
    ABB REX640 PCL3 Affected: 1.0;0 , < 1.2.1 (firwmare update)
    Create a notification for this product.
    Date Public
    2023-06-12 06:30
    Credits
    ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG's OT Cyber Security Lab for helping to identify the vulnerabilities and protecting our customers.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T06:33:06.232Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001423\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-2876",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-03T01:58:48.969845Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-03T02:00:22.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "firmware"
              ],
              "product": "REX640 PCL1",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThan": "1.0.8",
                  "status": "affected",
                  "version": "1.0;0",
                  "versionType": "firmware update"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Firmware"
              ],
              "product": "REX640 PCL2",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThan": "1.1.4",
                  "status": "affected",
                  "version": "1.0;0",
                  "versionType": "firwmare update"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "firmware"
              ],
              "product": "REX640 PCL3",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThan": "1.2.1",
                  "status": "affected",
                  "version": "1.0;0",
                  "versionType": "firwmare update"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG\u0027s OT Cyber Security Lab for helping to identify the vulnerabilities and protecting our customers."
            }
          ],
          "datePublic": "2023-06-12T06:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Sensitive Cookie Without \u0027HttpOnly\u0027 Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).\u003cp\u003eThis issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.\u003c/p\u003e"
                }
              ],
              "value": "Sensitive Cookie Without \u0027HttpOnly\u0027 Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).This issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.\n\n"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-63",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-63 Cross-Site Scripting (XSS)"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1004",
                  "description": "CWE-1004 Sensitive Cookie Without \u0027HttpOnly\u0027 Flag",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-13T03:52:12.002Z",
            "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
            "shortName": "ABB"
          },
          "references": [
            {
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001423\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Session cookie exposure for client side script",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
        "assignerShortName": "ABB",
        "cveId": "CVE-2023-2876",
        "datePublished": "2023-06-13T03:52:12.002Z",
        "dateReserved": "2023-05-24T17:41:29.260Z",
        "dateUpdated": "2025-01-03T02:00:22.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-1596 (GCVE-0-2022-1596)

    Vulnerability from cvelistv5 – Published: 2022-06-21 14:23 – Updated: 2024-09-16 23:11
    VLAI
    Title
    ABB Relion REX640 Insufficient file access control
    Summary
    Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node.
    CWE
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    ABB
    References
    Impacted products
    Vendor Product Version
    ABB REX640 PCL1 Affected: unspecified , ≤ 1.0.7 (custom)
    Create a notification for this product.
    ABB REX640 PCL2 Affected: unspecified , < 1.1.4 (custom)
    Create a notification for this product.
    ABB REX640 PCL3 Affected: unspecified , < 1.2.1 (custom)
    Create a notification for this product.
    Date Public
    2022-06-21 00:00
    Credits
    ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG's OT Cyber Security Lab for helping to identify the vulnerabilities and protecting our customers.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T00:10:03.785Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "REX640 PCL1",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThanOrEqual": "1.0.7",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "REX640 PCL2",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThan": "1.1.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "REX640 PCL3",
              "vendor": "ABB",
              "versions": [
                {
                  "lessThan": "1.2.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG\u0027s OT Cyber Security Lab for helping to  identify the vulnerabilities and protecting our customers."
            }
          ],
          "datePublic": "2022-06-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-21T14:23:42.000Z",
            "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
            "shortName": "ABB"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "ABB Relion REX640 Insufficient file access control",
          "workarounds": [
            {
              "lang": "en",
              "value": "Although these workarounds will not correct the underlying vulnerability, they can help blocking known \nattack vectors. \n\u2022 Limit the HTTP(s) and FTP(S) to a local network by a firewall\n\u2022 Use a next generation (OSI layer 7) firewall for blocking the traffic to the userdb.xml file\n\u2022 Disable remote WHMI and FTP(S) and use local HMI only"
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cybersecurity@ch.abb.com",
              "DATE_PUBLIC": "2022-06-21T12:22:00.000Z",
              "ID": "CVE-2022-1596",
              "STATE": "PUBLIC",
              "TITLE": "ABB Relion REX640 Insufficient file access control"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "REX640 PCL1",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "1.0.7"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "REX640 PCL2",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.1.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "REX640 PCL3",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "1.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "ABB"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG\u0027s OT Cyber Security Lab for helping to  identify the vulnerabilities and protecting our customers."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-732 Incorrect Permission Assignment for Critical Resource"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421",
                  "refsource": "MISC",
                  "url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            },
            "work_around": [
              {
                "lang": "en",
                "value": "Although these workarounds will not correct the underlying vulnerability, they can help blocking known \nattack vectors. \n\u2022 Limit the HTTP(s) and FTP(S) to a local network by a firewall\n\u2022 Use a next generation (OSI layer 7) firewall for blocking the traffic to the userdb.xml file\n\u2022 Disable remote WHMI and FTP(S) and use local HMI only"
              }
            ]
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
        "assignerShortName": "ABB",
        "cveId": "CVE-2022-1596",
        "datePublished": "2022-06-21T14:23:42.343Z",
        "dateReserved": "2022-05-05T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:11:43.087Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }