Unrated severityNVD Advisory· Published Jun 24, 2019· Updated Aug 4, 2024
CVE-2019-7229
CVE-2019-7229
Description
The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB Panel Builder 600 over FTP." Neither of these transmission methods implements any form of encryption or authenticity checks against the new firmware HMI software binary files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- ABB/CP635 HMIdescription
Patches
Vulnerability mechanics
References
5- packetstormsecurity.com/files/153387/ABB-HMI-Missing-Signature-Verification.htmlmitrex_refsource_MISC
- seclists.org/fulldisclosure/2019/Jun/34mitremailing-listx_refsource_FULLDISCx_refsource_MISC
- search.abb.com/library/Download.aspxmitrex_refsource_CONFIRM
- search.abb.com/library/Download.aspxmitrex_refsource_CONFIRM
- www.darkmatter.ae/xen1thlabs/abb-hmi-absence-of-signature-verification-vulnerability-xl-19-005/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.