Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-7228 (GCVE-0-2019-7228)
Vulnerability from cvelistv5 – Published: 2019-06-27 14:21 – Updated: 2024-08-04 20:46
VLAI?
EPSS
Summary
The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:45.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190624 XL-19-012 - ABB IDAL HTTP Server Uncontrolled Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html"
},
{
"name": "108886",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108886"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/"
},
{
"name": "20190620 XL-19-012 - ABB IDAL HTTP Server Uncontrolled Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-27T15:59:03.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20190624 XL-19-012 - ABB IDAL HTTP Server Uncontrolled Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html"
},
{
"name": "108886",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108886"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/"
},
{
"name": "20190620 XL-19-012 - ABB IDAL HTTP Server Uncontrolled Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190624 XL-19-012 - ABB IDAL HTTP Server Uncontrolled Format String Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
},
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"name": "http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html"
},
{
"name": "108886",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108886"
},
{
"name": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/",
"refsource": "MISC",
"url": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/"
},
{
"name": "20190620 XL-19-012 - ABB IDAL HTTP Server Uncontrolled Format String Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7228",
"datePublished": "2019-06-27T14:21:41.000Z",
"dateReserved": "2019-01-30T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:46:45.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2019-7228\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-06-27T15:15:09.230\",\"lastModified\":\"2024-11-21T04:47:47.873\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.\"},{\"lang\":\"es\",\"value\":\"El servidor HTTP ABB IDAL maneja las cadenas de formato en un nombre de usuario o cookie durante el proceso de identificaci\u00f3n . Si se intenta autenticar con el nombre de usuario% 25s% 25p% 25x% 25n se bloquear\u00e1 el servidor. Al enviar% 08x.AAAA.% 08x.% 08x se registrar\u00e1 el contenido de la memoria de la pila.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":5.8,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.5,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-134\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:abb:pb610_panel_builder_600_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.91\",\"versionEndIncluding\":\"2.8.0.367\",\"matchCriteriaId\":\"6C8196F7-A7BA-46FA-98E0-F0A261C18FFC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:abb:pb610_panel_builder_600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"992F7F8C-DDBB-4BA7-95B1-86CD40B173DB\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Jun/43\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/108886\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Jun/43\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/108886\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
}
}
VAR-201906-0218
Vulnerability from variot - Updated: 2024-11-23 21:52The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack. ABB IDAL HTTP The server contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ABBPB610 is a software designed by ABB of Switzerland for the graphical user interface of the CP600 control panel platform. IDALHTTPserver is one of the HTTP (Hypertext Transfer Protocol) servers. A memory corruption vulnerability exists in IDALHTTPserver in ABBPB610. ABB PB610 Panel Builder 600 is prone to the following vulnerabilities: 1. An authentication-bypass vulnerability 2. A directory-traversal vulnerability 3. A stack-based buffer-overflow vulnerability 5. A buffer-overflow vulnerability Attackers can exploit these issues to execute arbitrary code, access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory, bypass authentication mechanism and perform unauthorized actions. Failed exploit attempts will likely cause denial-of-service conditions. ABB PB610 Panel Builder 600 version 1.91 through 2.8.0.367 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-0218",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pb610 panel builder 600",
"scope": "lte",
"trust": 1.0,
"vendor": "abb",
"version": "2.8.0.367"
},
{
"model": "pb610 panel builder 600",
"scope": "gte",
"trust": 1.0,
"vendor": "abb",
"version": "1.91"
},
{
"model": "pb610 panel builder 600",
"scope": null,
"trust": 0.8,
"vendor": "abb",
"version": null
},
{
"model": "pb610",
"scope": null,
"trust": 0.6,
"vendor": "abb",
"version": null
},
{
"model": "pb610 panel builder",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "6002.8.0.367"
},
{
"model": "pb610 panel builder",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "6001.91"
},
{
"model": "pb610 panel builder",
"scope": "ne",
"trust": 0.3,
"vendor": "abb",
"version": "6002.8.0.424"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pb610 panel builder 600",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "e95e6d50-ac70-49d1-ac71-508da06352da"
},
{
"db": "CNVD",
"id": "CNVD-2019-19476"
},
{
"db": "BID",
"id": "108886"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005794"
},
{
"db": "NVD",
"id": "CVE-2019-7228"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:abb:pb610_panel_builder_600_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005794"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eldar Marcussen,Xen1thLabs.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-907"
}
],
"trust": 0.6
},
"cve": "CVE-2019-7228",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2019-7228",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-19476",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e95e6d50-ac70-49d1-ac71-508da06352da",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-7228",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-7228",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-7228",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-7228",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-19476",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-907",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e95e6d50-ac70-49d1-ac71-508da06352da",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e95e6d50-ac70-49d1-ac71-508da06352da"
},
{
"db": "CNVD",
"id": "CNVD-2019-19476"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005794"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-907"
},
{
"db": "NVD",
"id": "CVE-2019-7228"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack. ABB IDAL HTTP The server contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ABBPB610 is a software designed by ABB of Switzerland for the graphical user interface of the CP600 control panel platform. IDALHTTPserver is one of the HTTP (Hypertext Transfer Protocol) servers. A memory corruption vulnerability exists in IDALHTTPserver in ABBPB610. ABB PB610 Panel Builder 600 is prone to the following vulnerabilities:\n1. An authentication-bypass vulnerability\n2. A directory-traversal vulnerability\n3. A stack-based buffer-overflow vulnerability\n5. A buffer-overflow vulnerability\nAttackers can exploit these issues to execute arbitrary code, access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory, bypass authentication mechanism and perform unauthorized actions. Failed exploit attempts will likely cause denial-of-service conditions. \nABB PB610 Panel Builder 600 version 1.91 through 2.8.0.367 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-7228"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005794"
},
{
"db": "CNVD",
"id": "CNVD-2019-19476"
},
{
"db": "BID",
"id": "108886"
},
{
"db": "IVD",
"id": "e95e6d50-ac70-49d1-ac71-508da06352da"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-7228",
"trust": 3.5
},
{
"db": "PACKETSTORM",
"id": "153404",
"trust": 2.2
},
{
"db": "BID",
"id": "108886",
"trust": 1.9
},
{
"db": "ICS CERT",
"id": "ICSA-19-178-01",
"trust": 1.4
},
{
"db": "CNVD",
"id": "CNVD-2019-19476",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201906-907",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005794",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.2346",
"trust": 0.6
},
{
"db": "IVD",
"id": "E95E6D50-AC70-49D1-AC71-508DA06352DA",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e95e6d50-ac70-49d1-ac71-508da06352da"
},
{
"db": "CNVD",
"id": "CNVD-2019-19476"
},
{
"db": "BID",
"id": "108886"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005794"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-907"
},
{
"db": "NVD",
"id": "CVE-2019-7228"
}
]
},
"id": "VAR-201906-0218",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e95e6d50-ac70-49d1-ac71-508da06352da"
},
{
"db": "CNVD",
"id": "CNVD-2019-19476"
}
],
"trust": 1.66666665
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e95e6d50-ac70-49d1-ac71-508da06352da"
},
{
"db": "CNVD",
"id": "CNVD-2019-19476"
}
]
},
"last_update_date": "2024-11-23T21:52:11.953000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple Vulnerabilities in ABB PB610",
"trust": 0.8,
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"title": "ABBPB610IDALHTTPserver memory corruption vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/165541"
},
{
"title": "ABB PB610 IDAL HTTP server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94039"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-19476"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005794"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-907"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-134",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005794"
},
{
"db": "NVD",
"id": "CVE-2019-7228"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://packetstormsecurity.com/files/153404/abb-idal-http-server-uncontrolled-format-string.html"
},
{
"trust": 1.9,
"url": "https://search.abb.com/library/download.aspx?documentid=3adr010377\u0026languagecode=en\u0026documentpartid=\u0026action=launch"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2019/jun/43"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/108886"
},
{
"trust": 1.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-178-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-7228"
},
{
"trust": 1.0,
"url": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/"
},
{
"trust": 0.9,
"url": "https://new.abb.com"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-7228"
},
{
"trust": 0.6,
"url": "http-server-uncontrolled-format-string-vulnerability-xl-19-012/"
},
{
"trust": 0.6,
"url": "https://www.darkmatter.ae/xen1thlabs/abb-idal-"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2346/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-19476"
},
{
"db": "BID",
"id": "108886"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005794"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-907"
},
{
"db": "NVD",
"id": "CVE-2019-7228"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e95e6d50-ac70-49d1-ac71-508da06352da"
},
{
"db": "CNVD",
"id": "CNVD-2019-19476"
},
{
"db": "BID",
"id": "108886"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005794"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-907"
},
{
"db": "NVD",
"id": "CVE-2019-7228"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-27T00:00:00",
"db": "IVD",
"id": "e95e6d50-ac70-49d1-ac71-508da06352da"
},
{
"date": "2019-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-19476"
},
{
"date": "2019-06-13T00:00:00",
"db": "BID",
"id": "108886"
},
{
"date": "2019-07-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005794"
},
{
"date": "2019-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-907"
},
{
"date": "2019-06-27T15:15:09.230000",
"db": "NVD",
"id": "CVE-2019-7228"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-19476"
},
{
"date": "2019-06-13T00:00:00",
"db": "BID",
"id": "108886"
},
{
"date": "2019-07-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005794"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-907"
},
{
"date": "2024-11-21T04:47:47.873000",
"db": "NVD",
"id": "CVE-2019-7228"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-907"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ABB PB610 IDAL HTTP server Memory Corruption Vulnerability",
"sources": [
{
"db": "IVD",
"id": "e95e6d50-ac70-49d1-ac71-508da06352da"
},
{
"db": "CNVD",
"id": "CNVD-2019-19476"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "format string error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-907"
}
],
"trust": 0.6
}
}
GSD-2019-7228
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-7228",
"description": "The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.",
"id": "GSD-2019-7228",
"references": [
"https://packetstormsecurity.com/files/cve/CVE-2019-7228"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-7228"
],
"details": "The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.",
"id": "GSD-2019-7228",
"modified": "2023-12-13T01:23:46.737436Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190624 XL-19-012 - ABB IDAL HTTP Server Uncontrolled Format String Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
},
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"name": "http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html"
},
{
"name": "108886",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108886"
},
{
"name": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/",
"refsource": "MISC",
"url": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/"
},
{
"name": "20190620 XL-19-012 - ABB IDAL HTTP Server Uncontrolled Format String Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abb:pb610_panel_builder_600_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.8.0.367",
"versionStartIncluding": "1.91",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abb:pb610_panel_builder_600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7228"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "CONFIRM",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"name": "20190620 XL-19-012 - ABB IDAL HTTP Server Uncontrolled Format String Vulnerability",
"refsource": "FULLDISC",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
},
{
"name": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/"
},
{
"name": "108886",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108886"
},
{
"name": "http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-11-30T21:41Z",
"publishedDate": "2019-06-27T15:15Z"
}
}
}
ICSA-19-178-01
Vulnerability from csaf_cisa - Published: 2019-06-27 00:00 - Updated: 2019-06-27 00:00Summary
ABB PB610 Panel Builder 600
Notes
CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation: An attacker who successfully exploits these vulnerabilities could prevent legitimate access to an affected system node, remotely cause an affected system node to stop, take control of an affected system node, or insert and run arbitrary code in an affected system node.
Critical infrastructure sectors: Chemical, Critical Manufacturing, Dams, Energy, Food and Agriculture, Water and Wastewater
Countries/areas deployed: Worldwide
Company headquarters location: Switzerland
Recommended Practices: NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices: NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.
Exploitability: No known public exploits specifically target these vulnerabilities. If a control panel with a PB610 HMI application is connected to a network, an attacker who has network access to an affected system node could exploit these vulnerabilities. If the control panel is not connected to a network, an attacker would need to have physical access to an affected system node to exploit these vulnerabilities.
8.8 (High)
Mitigation
PB610 Panel Builder 600: v2.8.0.424.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN31: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN30: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.
Mitigation
If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.
Mitigation
To prevent an unauthorized login via a remote client, leave the “Force Remote Login” option of the security settings checked (default setting). In addition, set new users and passwords in the user's settings for remote clients to “use different user and password.”
Mitigation
Restrict physical access to process control systems to authorized personnel,
Mitigation
Do not have direct connections to the Internet,
Mitigation
Separate from other networks by means of a firewall system with a minimal number of exposed ports,
Mitigation
Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.
Mitigation
Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
Mitigation
More information on ABB's recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems
https://library.e.abb.com/public/b1f29a78bc9979d7…
Mitigation
For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.
https://new.abb.com/contact-centers
Mitigation
Information about ABB's cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.
http://www.abb.com/cybersecurity
Mitigation
For more information see ABB's security advisory 3ADR010377.
https://search.abb.com/library/Download.aspx?Docu…
8.8 (High)
Mitigation
PB610 Panel Builder 600: v2.8.0.424.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN31: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN30: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.
Mitigation
If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.
Mitigation
To prevent an unauthorized login via a remote client, leave the “Force Remote Login” option of the security settings checked (default setting). In addition, set new users and passwords in the user's settings for remote clients to “use different user and password.”
Mitigation
Restrict physical access to process control systems to authorized personnel,
Mitigation
Do not have direct connections to the Internet,
Mitigation
Separate from other networks by means of a firewall system with a minimal number of exposed ports,
Mitigation
Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.
Mitigation
Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
Mitigation
More information on ABB's recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems
https://library.e.abb.com/public/b1f29a78bc9979d7…
Mitigation
For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.
https://new.abb.com/contact-centers
Mitigation
Information about ABB's cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.
http://www.abb.com/cybersecurity
Mitigation
For more information see ABB's security advisory 3ADR010377.
https://search.abb.com/library/Download.aspx?Docu…
7.3 (High)
Mitigation
PB610 Panel Builder 600: v2.8.0.424.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN31: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN30: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.
Mitigation
If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.
Mitigation
To prevent an unauthorized login via a remote client, leave the “Force Remote Login” option of the security settings checked (default setting). In addition, set new users and passwords in the user's settings for remote clients to “use different user and password.”
Mitigation
Restrict physical access to process control systems to authorized personnel,
Mitigation
Do not have direct connections to the Internet,
Mitigation
Separate from other networks by means of a firewall system with a minimal number of exposed ports,
Mitigation
Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.
Mitigation
Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
Mitigation
More information on ABB's recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems
https://library.e.abb.com/public/b1f29a78bc9979d7…
Mitigation
For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.
https://new.abb.com/contact-centers
Mitigation
Information about ABB's cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.
http://www.abb.com/cybersecurity
Mitigation
For more information see ABB's security advisory 3ADR010377.
https://search.abb.com/library/Download.aspx?Docu…
8.8 (High)
Mitigation
PB610 Panel Builder 600: v2.8.0.424.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN31: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN30: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.
Mitigation
If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.
Mitigation
To prevent an unauthorized login via a remote client, leave the “Force Remote Login” option of the security settings checked (default setting). In addition, set new users and passwords in the user's settings for remote clients to “use different user and password.”
Mitigation
Restrict physical access to process control systems to authorized personnel,
Mitigation
Do not have direct connections to the Internet,
Mitigation
Separate from other networks by means of a firewall system with a minimal number of exposed ports,
Mitigation
Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.
Mitigation
Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
Mitigation
More information on ABB's recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems
https://library.e.abb.com/public/b1f29a78bc9979d7…
Mitigation
For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.
https://new.abb.com/contact-centers
Mitigation
Information about ABB's cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.
http://www.abb.com/cybersecurity
Mitigation
For more information see ABB's security advisory 3ADR010377.
https://search.abb.com/library/Download.aspx?Docu…
8.8 (High)
Mitigation
PB610 Panel Builder 600: v2.8.0.424.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN31: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN30: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.
Mitigation
If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.
Mitigation
To prevent an unauthorized login via a remote client, leave the “Force Remote Login” option of the security settings checked (default setting). In addition, set new users and passwords in the user's settings for remote clients to “use different user and password.”
Mitigation
Restrict physical access to process control systems to authorized personnel,
Mitigation
Do not have direct connections to the Internet,
Mitigation
Separate from other networks by means of a firewall system with a minimal number of exposed ports,
Mitigation
Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.
Mitigation
Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
Mitigation
More information on ABB's recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems
https://library.e.abb.com/public/b1f29a78bc9979d7…
Mitigation
For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.
https://new.abb.com/contact-centers
Mitigation
Information about ABB's cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.
http://www.abb.com/cybersecurity
Mitigation
For more information see ABB's security advisory 3ADR010377.
https://search.abb.com/library/Download.aspx?Docu…
8.8 (High)
Mitigation
PB610 Panel Builder 600: v2.8.0.424.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN31: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN30: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.
Mitigation
If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.
Mitigation
To prevent an unauthorized login via a remote client, leave the “Force Remote Login” option of the security settings checked (default setting). In addition, set new users and passwords in the user's settings for remote clients to “use different user and password.”
Mitigation
Restrict physical access to process control systems to authorized personnel,
Mitigation
Do not have direct connections to the Internet,
Mitigation
Separate from other networks by means of a firewall system with a minimal number of exposed ports,
Mitigation
Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.
Mitigation
Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
Mitigation
More information on ABB's recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems
https://library.e.abb.com/public/b1f29a78bc9979d7…
Mitigation
For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.
https://new.abb.com/contact-centers
Mitigation
Information about ABB's cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.
http://www.abb.com/cybersecurity
Mitigation
For more information see ABB's security advisory 3ADR010377.
https://search.abb.com/library/Download.aspx?Docu…
6.5 (Medium)
Mitigation
PB610 Panel Builder 600: v2.8.0.424.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN31: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
New version of BSP (board support package) UN30: v2.31.
http://search.abb.com/library/Download.aspx?Docum…
Mitigation
ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.
Mitigation
If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.
Mitigation
To prevent an unauthorized login via a remote client, leave the “Force Remote Login” option of the security settings checked (default setting). In addition, set new users and passwords in the user's settings for remote clients to “use different user and password.”
Mitigation
Restrict physical access to process control systems to authorized personnel,
Mitigation
Do not have direct connections to the Internet,
Mitigation
Separate from other networks by means of a firewall system with a minimal number of exposed ports,
Mitigation
Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.
Mitigation
Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
Mitigation
More information on ABB's recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems
https://library.e.abb.com/public/b1f29a78bc9979d7…
Mitigation
For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.
https://new.abb.com/contact-centers
Mitigation
Information about ABB's cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.
http://www.abb.com/cybersecurity
Mitigation
For more information see ABB's security advisory 3ADR010377.
https://search.abb.com/library/Download.aspx?Docu…
References
Acknowledgments
Xen1thLabs, a Darkmatter Company
United Arab Emirates
Abu Dhabi
{
"document": {
"acknowledgments": [
{
"organization": "Xen1thLabs, a Darkmatter Company",
"summary": "reporting these vulnerabilities to ABB"
},
{
"organization": "United Arab Emirates",
"summary": "reporting these vulnerabilities to ABB"
},
{
"organization": "Abu Dhabi",
"summary": "reporting these vulnerabilities to ABB"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "An attacker who successfully exploits these vulnerabilities could prevent legitimate access to an affected system node, remotely cause an affected system node to stop, take control of an affected system node, or insert and run arbitrary code in an affected system node.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Chemical, Critical Manufacturing, Dams, Energy, Food and Agriculture, Water and Wastewater",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Switzerland",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nNCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities. If a control panel with a PB610 HMI application is connected to a network, an attacker who has network access to an affected system node could exploit these vulnerabilities. If the control panel is not connected to a network, an attacker would need to have physical access to an affected system node to exploit these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-19-178-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-178-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-19-178-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-178-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-178-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B"
}
],
"title": "ABB PB610 Panel Builder 600",
"tracking": {
"current_release_date": "2019-06-27T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-19-178-01",
"initial_release_date": "2019-06-27T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-06-27T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-19-178-01 ABB PB610 Panel Builder 600"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "1SAP500900R0101 | 1.91 \u003c= 2.8.0.367",
"product": {
"name": "PB610 Panel Builder 600 order code: 1SAP500900R0101 Versions 1.91 \u00e2\u20ac\u00a6 2.8.0.367 and prior",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "PB610 Panel Builder 600 order code"
}
],
"category": "vendor",
"name": "ABB"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-7225",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "The ABB CP635 HMI component implements hidden administrative accounts used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool Panel Builder 600 to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials.CVE-2019-7225 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7225"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "PB610 Panel Builder 600: v2.8.0.424.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A4167\u0026LanguageCode=de\u0026LanguageCode=en\u0026LanguageCode=es\u0026LanguageCode=fr\u0026LanguageCode=zh\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN31: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN31V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN30: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN30V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "To prevent an unauthorized login via a remote client, leave the \u201cForce Remote Login\u201d option of the security settings checked (default setting). In addition, set new users and passwords in the user\u0027s settings for remote clients to \u201cuse different user and password.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Restrict physical access to process control systems to authorized personnel,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not have direct connections to the Internet,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Separate from other networks by means of a firewall system with a minimal number of exposed ports,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "More information on ABB\u0027s recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://library.e.abb.com/public/b1f29a78bc9979d7c12577ec00177633/3BSE032547_B_en_Security_for_Industrial_Automation_and_Control_Systems.pdf"
},
{
"category": "mitigation",
"details": "For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://new.abb.com/contact-centers"
},
{
"category": "mitigation",
"details": "Information about ABB\u0027s cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.abb.com/cybersecurity"
},
{
"category": "mitigation",
"details": "For more information see ABB\u0027s security advisory 3ADR010377.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2019-7226",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "The IDAL HTTP server CGI interface contains a URL, which allows an unauthenticated attacker to bypass authentication and gain access to privileged functions.CVE-2019-7226 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7226"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "PB610 Panel Builder 600: v2.8.0.424.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A4167\u0026LanguageCode=de\u0026LanguageCode=en\u0026LanguageCode=es\u0026LanguageCode=fr\u0026LanguageCode=zh\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN31: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN31V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN30: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN30V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "To prevent an unauthorized login via a remote client, leave the \u201cForce Remote Login\u201d option of the security settings checked (default setting). In addition, set new users and passwords in the user\u0027s settings for remote clients to \u201cuse different user and password.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Restrict physical access to process control systems to authorized personnel,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not have direct connections to the Internet,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Separate from other networks by means of a firewall system with a minimal number of exposed ports,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "More information on ABB\u0027s recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://library.e.abb.com/public/b1f29a78bc9979d7c12577ec00177633/3BSE032547_B_en_Security_for_Industrial_Automation_and_Control_Systems.pdf"
},
{
"category": "mitigation",
"details": "For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://new.abb.com/contact-centers"
},
{
"category": "mitigation",
"details": "Information about ABB\u0027s cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.abb.com/cybersecurity"
},
{
"category": "mitigation",
"details": "For more information see ABB\u0027s security advisory 3ADR010377.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2019-7227",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "summary",
"text": "The IDAL FTP server fails to ensure directory change requests do not change to locations outside of the root FTP directory. An authenticated attacker can simply traverse outside the server root directory by changing the directory.CVE-2019-7227 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7227"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "PB610 Panel Builder 600: v2.8.0.424.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A4167\u0026LanguageCode=de\u0026LanguageCode=en\u0026LanguageCode=es\u0026LanguageCode=fr\u0026LanguageCode=zh\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN31: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN31V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN30: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN30V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "To prevent an unauthorized login via a remote client, leave the \u201cForce Remote Login\u201d option of the security settings checked (default setting). In addition, set new users and passwords in the user\u0027s settings for remote clients to \u201cuse different user and password.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Restrict physical access to process control systems to authorized personnel,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not have direct connections to the Internet,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Separate from other networks by means of a firewall system with a minimal number of exposed ports,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "More information on ABB\u0027s recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://library.e.abb.com/public/b1f29a78bc9979d7c12577ec00177633/3BSE032547_B_en_Security_for_Industrial_Automation_and_Control_Systems.pdf"
},
{
"category": "mitigation",
"details": "For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://new.abb.com/contact-centers"
},
{
"category": "mitigation",
"details": "Information about ABB\u0027s cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.abb.com/cybersecurity"
},
{
"category": "mitigation",
"details": "For more information see ABB\u0027s security advisory 3ADR010377.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2019-7228",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The IDAL HTTP server is vulnerable to memory corruption through insecure use of user supplied format strings. An attacker can abuse this functionality to bypass authentication or execute code on the server.CVE-2019-7228 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7228"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "PB610 Panel Builder 600: v2.8.0.424.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A4167\u0026LanguageCode=de\u0026LanguageCode=en\u0026LanguageCode=es\u0026LanguageCode=fr\u0026LanguageCode=zh\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN31: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN31V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN30: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN30V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "To prevent an unauthorized login via a remote client, leave the \u201cForce Remote Login\u201d option of the security settings checked (default setting). In addition, set new users and passwords in the user\u0027s settings for remote clients to \u201cuse different user and password.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Restrict physical access to process control systems to authorized personnel,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not have direct connections to the Internet,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Separate from other networks by means of a firewall system with a minimal number of exposed ports,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "More information on ABB\u0027s recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://library.e.abb.com/public/b1f29a78bc9979d7c12577ec00177633/3BSE032547_B_en_Security_for_Industrial_Automation_and_Control_Systems.pdf"
},
{
"category": "mitigation",
"details": "For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://new.abb.com/contact-centers"
},
{
"category": "mitigation",
"details": "Information about ABB\u0027s cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.abb.com/cybersecurity"
},
{
"category": "mitigation",
"details": "For more information see ABB\u0027s security advisory 3ADR010377.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2019-7230",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The IDAL FTP server is vulnerable to memory corruption through insecure use of user supplied format strings. An attacker can abuse this functionality to bypass authentication or execute code on the server.CVE-2019-7230 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7230"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "PB610 Panel Builder 600: v2.8.0.424.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A4167\u0026LanguageCode=de\u0026LanguageCode=en\u0026LanguageCode=es\u0026LanguageCode=fr\u0026LanguageCode=zh\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN31: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN31V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN30: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN30V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "To prevent an unauthorized login via a remote client, leave the \u201cForce Remote Login\u201d option of the security settings checked (default setting). In addition, set new users and passwords in the user\u0027s settings for remote clients to \u201cuse different user and password.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Restrict physical access to process control systems to authorized personnel,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not have direct connections to the Internet,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Separate from other networks by means of a firewall system with a minimal number of exposed ports,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "More information on ABB\u0027s recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://library.e.abb.com/public/b1f29a78bc9979d7c12577ec00177633/3BSE032547_B_en_Security_for_Industrial_Automation_and_Control_Systems.pdf"
},
{
"category": "mitigation",
"details": "For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://new.abb.com/contact-centers"
},
{
"category": "mitigation",
"details": "Information about ABB\u0027s cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.abb.com/cybersecurity"
},
{
"category": "mitigation",
"details": "For more information see ABB\u0027s security advisory 3ADR010377.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2019-7232",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "The IDAL HTTP server is vulnerable to a stack-based buffer overflow when a large host header is sent in a HTTP request. The host header value overflows a buffer and can overwrite the Structured Exception Handler (SEH) address with a large chunk of data.CVE-2019-7232 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7232"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "PB610 Panel Builder 600: v2.8.0.424.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A4167\u0026LanguageCode=de\u0026LanguageCode=en\u0026LanguageCode=es\u0026LanguageCode=fr\u0026LanguageCode=zh\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN31: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN31V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN30: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN30V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "To prevent an unauthorized login via a remote client, leave the \u201cForce Remote Login\u201d option of the security settings checked (default setting). In addition, set new users and passwords in the user\u0027s settings for remote clients to \u201cuse different user and password.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Restrict physical access to process control systems to authorized personnel,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not have direct connections to the Internet,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Separate from other networks by means of a firewall system with a minimal number of exposed ports,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "More information on ABB\u0027s recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://library.e.abb.com/public/b1f29a78bc9979d7c12577ec00177633/3BSE032547_B_en_Security_for_Industrial_Automation_and_Control_Systems.pdf"
},
{
"category": "mitigation",
"details": "For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://new.abb.com/contact-centers"
},
{
"category": "mitigation",
"details": "Information about ABB\u0027s cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.abb.com/cybersecurity"
},
{
"category": "mitigation",
"details": "For more information see ABB\u0027s security advisory 3ADR010377.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2019-7231",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "The IDAL FTP server is vulnerable to a buffer overflow when a large string is sent by an authenticated attacker. This overflow is handled, but terminates the process.CVE-2019-7231 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-7231"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "PB610 Panel Builder 600: v2.8.0.424.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107492A4167\u0026LanguageCode=de\u0026LanguageCode=en\u0026LanguageCode=es\u0026LanguageCode=fr\u0026LanguageCode=zh\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN31: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN31V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "New version of BSP (board support package) UN30: v2.31.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://search.abb.com/library/Download.aspx?DocumentID=BSPCP600UN30V231\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"category": "mitigation",
"details": "ABB recommends users apply the update of the PB610 applications on CP600 control panels at the earliest convenience.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "If an update of the devices is not possible. ABB recommends users restrict network access to the devices to only trusted parties/devices.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "To prevent an unauthorized login via a remote client, leave the \u201cForce Remote Login\u201d option of the security settings checked (default setting). In addition, set new users and passwords in the user\u0027s settings for remote clients to \u201cuse different user and password.\u201d",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Restrict physical access to process control systems to authorized personnel,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Do not have direct connections to the Internet,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Separate from other networks by means of a firewall system with a minimal number of exposed ports,",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "More information on ABB\u0027s recommended practices can be found in the following document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://library.e.abb.com/public/b1f29a78bc9979d7c12577ec00177633/3BSE032547_B_en_Security_for_Industrial_Automation_and_Control_Systems.pdf"
},
{
"category": "mitigation",
"details": "For additional information and support please contact the local ABB service organization. For contact information, see: https://new.abb.com/contact-centers.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://new.abb.com/contact-centers"
},
{
"category": "mitigation",
"details": "Information about ABB\u0027s cybersecurity program and capabilities can be found at: http://www.abb.com/cybersecurity.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.abb.com/cybersecurity"
},
{
"category": "mitigation",
"details": "For more information see ABB\u0027s security advisory 3ADR010377.",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
CNVD-2019-19476
Vulnerability from cnvd - Published: 2019-06-27
VLAI Severity ?
Title
ABB PB610 IDAL HTTP server内存损坏漏洞
Description
ABB PB610是瑞士ABB公司的一款为CP600控制面板平台设计图形用户界面的软件。IDAL HTTP server是其中的一个HTTP(超文本传输协议)服务器。
ABB PB610中的IDAL HTTP server存在内存损坏漏洞,该漏洞源于在身份验证过程中,程序未能安全地处理用户名和cookie字符串,攻击者可利用该漏洞绕过身份验证或在服务器上执行代码。
Severity
高
Patch Name
ABB PB610 IDAL HTTP server内存损坏漏洞的补丁
Patch Description
ABB PB610是瑞士ABB公司的一款为CP600控制面板平台设计图形用户界面的软件。IDAL HTTP server是其中的一个HTTP(超文本传输协议)服务器。
ABB PB610中的IDAL HTTP server存在内存损坏漏洞,该漏洞源于在身份验证过程中,程序未能安全地处理用户名和cookie字符串,攻击者可利用该漏洞绕过身份验证或在服务器上执行代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://library.e.abb.com/public/b0021d2ab9ba4e3ab14d7c2796f5908e/ABB-Advisory_3ADR010377_2.pdf
Reference
https://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html
Impacted products
| Name | ABB PB610 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-7228"
}
},
"description": "ABB PB610\u662f\u745e\u58ebABB\u516c\u53f8\u7684\u4e00\u6b3e\u4e3aCP600\u63a7\u5236\u9762\u677f\u5e73\u53f0\u8bbe\u8ba1\u56fe\u5f62\u7528\u6237\u754c\u9762\u7684\u8f6f\u4ef6\u3002IDAL HTTP server\u662f\u5176\u4e2d\u7684\u4e00\u4e2aHTTP\uff08\u8d85\u6587\u672c\u4f20\u8f93\u534f\u8bae\uff09\u670d\u52a1\u5668\u3002\n\nABB PB610\u4e2d\u7684IDAL HTTP server\u5b58\u5728\u5185\u5b58\u635f\u574f\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u8eab\u4efd\u9a8c\u8bc1\u8fc7\u7a0b\u4e2d\uff0c\u7a0b\u5e8f\u672a\u80fd\u5b89\u5168\u5730\u5904\u7406\u7528\u6237\u540d\u548ccookie\u5b57\u7b26\u4e32\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u6216\u5728\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4ee3\u7801\u3002",
"discovererName": "Xen1thLabs",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://library.e.abb.com/public/b0021d2ab9ba4e3ab14d7c2796f5908e/ABB-Advisory_3ADR010377_2.pdf",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-19476",
"openTime": "2019-06-27",
"patchDescription": "ABB PB610\u662f\u745e\u58ebABB\u516c\u53f8\u7684\u4e00\u6b3e\u4e3aCP600\u63a7\u5236\u9762\u677f\u5e73\u53f0\u8bbe\u8ba1\u56fe\u5f62\u7528\u6237\u754c\u9762\u7684\u8f6f\u4ef6\u3002IDAL HTTP server\u662f\u5176\u4e2d\u7684\u4e00\u4e2aHTTP\uff08\u8d85\u6587\u672c\u4f20\u8f93\u534f\u8bae\uff09\u670d\u52a1\u5668\u3002\r\n\r\nABB PB610\u4e2d\u7684IDAL HTTP server\u5b58\u5728\u5185\u5b58\u635f\u574f\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5728\u8eab\u4efd\u9a8c\u8bc1\u8fc7\u7a0b\u4e2d\uff0c\u7a0b\u5e8f\u672a\u80fd\u5b89\u5168\u5730\u5904\u7406\u7528\u6237\u540d\u548ccookie\u5b57\u7b26\u4e32\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u6216\u5728\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "ABB PB610 IDAL HTTP server\u5185\u5b58\u635f\u574f\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "ABB PB610"
},
"referenceLink": "https://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html",
"serverity": "\u9ad8",
"submitTime": "2019-06-26",
"title": "ABB PB610 IDAL HTTP server\u5185\u5b58\u635f\u574f\u6f0f\u6d1e"
}
GHSA-H33J-RJ54-987G
Vulnerability from github – Published: 2022-05-24 16:48 – Updated: 2022-12-01 00:30
VLAI?
Details
The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.
Severity ?
8.8 (High)
{
"affected": [],
"aliases": [
"CVE-2019-7228"
],
"database_specific": {
"cwe_ids": [
"CWE-134"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-06-27T15:15:00Z",
"severity": "HIGH"
},
"details": "The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.",
"id": "GHSA-h33j-rj54-987g",
"modified": "2022-12-01T00:30:42Z",
"published": "2022-05-24T16:48:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7228"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"type": "WEB",
"url": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/108886"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2019-7228
Vulnerability from fkie_nvd - Published: 2019-06-27 15:15 - Updated: 2024-11-21 04:47
Severity ?
Summary
The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://seclists.org/fulldisclosure/2019/Jun/43 | Exploit, Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/108886 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377&LanguageCode=en&DocumentPartId=&Action=Launch | Mitigation, Patch, Vendor Advisory | |
| cve@mitre.org | https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2019/Jun/43 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108886 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377&LanguageCode=en&DocumentPartId=&Action=Launch | Mitigation, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| abb | pb610_panel_builder_600_firmware | * | |
| abb | pb610_panel_builder_600 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:abb:pb610_panel_builder_600_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8196F7-A7BA-46FA-98E0-F0A261C18FFC",
"versionEndIncluding": "2.8.0.367",
"versionStartIncluding": "1.91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:abb:pb610_panel_builder_600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "992F7F8C-DDBB-4BA7-95B1-86CD40B173DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack."
},
{
"lang": "es",
"value": "El servidor HTTP ABB IDAL maneja las cadenas de formato en un nombre de usuario o cookie durante el proceso de identificaci\u00f3n . Si se intenta autenticar con el nombre de usuario% 25s% 25p% 25x% 25n se bloquear\u00e1 el servidor. Al enviar% 08x.AAAA.% 08x.% 08x se registrar\u00e1 el contenido de la memoria de la pila."
}
],
"id": "CVE-2019-7228",
"lastModified": "2024-11-21T04:47:47.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-27T15:15:09.230",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108886"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153404/ABB-IDAL-HTTP-Server-Uncontrolled-Format-String.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…