Vulnerability-Lookup

CNVD-2019-19833

Vulnerability from cnvd - Published: 2019-06-28

Title

ABB HMI Hardcoded Credentials文件读取漏洞

Description

ABB PB610是瑞士ABB公司的一款为CP600控制面板平台设计图形用户界面的软件。 ABB HMI Hardcoded Credentials存在文件读取漏洞，攻击者可借助硬编码凭证利用该漏洞对HMI配置文件进行读写操作并重置设备。

Severity

高

Patch Name

ABB HMI Hardcoded Credentials文件读取漏洞的补丁

Patch Description

ABB PB610是瑞士ABB公司的一款为CP600控制面板平台设计图形用户界面的软件。 ABB HMI Hardcoded Credentials存在文件读取漏洞，攻击者可借助硬编码凭证利用该漏洞对HMI配置文件进行读写操作并重置设备。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://library.e.abb.com/public/b0021d2ab9ba4e3ab14d7c2796f5908e/ABB-Advisory_3ADR010377_2.pdf

Reference

https://cxsecurity.com/issue/WLB-2019060154 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7225 https://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html

Impacted products

Name
['ABB PB610 Panel Builder 600 2.8.0.367', 'ABB PB610 Panel Builder 600 1.91']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-7225",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-7225"
    }
  },
  "description": "ABB PB610\u662f\u745e\u58ebABB\u516c\u53f8\u7684\u4e00\u6b3e\u4e3aCP600\u63a7\u5236\u9762\u677f\u5e73\u53f0\u8bbe\u8ba1\u56fe\u5f62\u7528\u6237\u754c\u9762\u7684\u8f6f\u4ef6\u3002\n\nABB HMI Hardcoded Credentials\u5b58\u5728\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u501f\u52a9\u786c\u7f16\u7801\u51ed\u8bc1\u5229\u7528\u8be5\u6f0f\u6d1e\u5bf9HMI\u914d\u7f6e\u6587\u4ef6\u8fdb\u884c\u8bfb\u5199\u64cd\u4f5c\u5e76\u91cd\u7f6e\u8bbe\u5907\u3002",
  "discovererName": "xen1thLabs - Software Labs",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://library.e.abb.com/public/b0021d2ab9ba4e3ab14d7c2796f5908e/ABB-Advisory_3ADR010377_2.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-19833",
  "openTime": "2019-06-28",
  "patchDescription": "ABB PB610\u662f\u745e\u58ebABB\u516c\u53f8\u7684\u4e00\u6b3e\u4e3aCP600\u63a7\u5236\u9762\u677f\u5e73\u53f0\u8bbe\u8ba1\u56fe\u5f62\u7528\u6237\u754c\u9762\u7684\u8f6f\u4ef6\u3002\r\n\r\nABB HMI Hardcoded Credentials\u5b58\u5728\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u501f\u52a9\u786c\u7f16\u7801\u51ed\u8bc1\u5229\u7528\u8be5\u6f0f\u6d1e\u5bf9HMI\u914d\u7f6e\u6587\u4ef6\u8fdb\u884c\u8bfb\u5199\u64cd\u4f5c\u5e76\u91cd\u7f6e\u8bbe\u5907\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "ABB HMI Hardcoded Credentials\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "ABB PB610 Panel Builder 600 2.8.0.367",
      "ABB PB610 Panel Builder 600 1.91"
    ]
  },
  "referenceLink": "https://cxsecurity.com/issue/WLB-2019060154\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7225\r\nhttps://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html",
  "serverity": "\u9ad8",
  "submitTime": "2019-06-26",
  "title": "ABB HMI Hardcoded Credentials\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e"
}

CVE-2019-7225 (GCVE-0-2019-7225)

Vulnerability from cvelistv5 – Published: 2019-06-27 16:38 – Updated: 2024-08-04 20:46

Summary

The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://seclists.org/fulldisclosure/2019/Jun/38	mailing-listx_refsource_FULLDISC
	http://packetstormsecurity.com/files/153397/ABB-H…	x_refsource_MISC
	https://www.darkmatter.ae/xen1thlabs/abb-hmi-hard…	x_refsource_MISC
	http://seclists.org/fulldisclosure/2019/Jun/38	mailing-listx_refsource_FULLDISC
	http://www.securityfocus.com/bid/108922	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:46:45.863Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190624 XL-19-009 - ABB HMI Hardcoded Credentials Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jun/38"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/"
          },
          {
            "name": "20190620 XL-19-009 - ABB HMI Hardcoded Credentials Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jun/38"
          },
          {
            "name": "108922",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108922"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool \"Panel Builder 600\" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-01T06:06:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20190624 XL-19-009 - ABB HMI Hardcoded Credentials Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jun/38"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/"
        },
        {
          "name": "20190620 XL-19-009 - ABB HMI Hardcoded Credentials Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jun/38"
        },
        {
          "name": "108922",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108922"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-7225",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool \"Panel Builder 600\" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190624 XL-19-009 - ABB HMI Hardcoded Credentials Vulnerability",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Jun/38"
            },
            {
              "name": "http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html"
            },
            {
              "name": "https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/",
              "refsource": "MISC",
              "url": "https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/"
            },
            {
              "name": "20190620 XL-19-009 - ABB HMI Hardcoded Credentials Vulnerability",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Jun/38"
            },
            {
              "name": "108922",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108922"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-7225",
    "datePublished": "2019-06-27T16:38:39",
    "dateReserved": "2019-01-30T00:00:00",
    "dateUpdated": "2024-08-04T20:46:45.863Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-19833

CVE-2019-7225 (GCVE-0-2019-7225)

Tags

Sightings

Nomenclature