VYPR

Vendor CVEs

Abb

All CVEs

253 total · sorted by risk
  • CVE-2020-24675Dec 22, 2020
    risk 0.00cvss epss 0.01

    In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations History server (or standalone S+ History server) and ultimately write values to the controlled process.

  • CVE-2020-24673Dec 22, 2020
    risk 0.00cvss epss 0.01

    In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file…

  • CVE-2020-24674Dec 22, 2020
    risk 0.00cvss epss 0.03

    In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but Unauthorized remote users could execute a Denial-of-Service (DoS) attack, execute arbitrary code, or obtain more privilege than intended on the machines.

  • CVE-2020-24683Dec 22, 2020
    risk 0.00cvss epss 0.01

    The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a…

  • CVE-2020-24680Dec 22, 2020
    risk 0.00cvss epss 0.00

    In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.

  • CVE-2020-24679Dec 22, 2020
    risk 0.00cvss epss 0.02

    A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages. An attacker might use this flaw to make it crash or even execute arbitrary code on the machine where the service is hosted.

  • CVE-2020-24677Dec 22, 2020
    risk 0.00cvss epss 0.01

    Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data.

  • CVE-2020-24676Dec 22, 2020
    risk 0.00cvss epss 0.00

    In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs as.

  • CVE-2020-24678Dec 22, 2020
    risk 0.00cvss epss 0.01

    An authenticated user might execute malicious code under the user context and take control of the system. S+ Operations or S+ Historian database is affected by multiple vulnerabilities such as the possibility to allow remote authenticated users to gain high privileges.

  • CVE-2020-10287Jul 15, 2020
    risk 0.00cvss epss 0.01

    The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. ABB considers this a well documented functionality that helps customer set up however, out of our research, we found multiple production systems running…

  • CVE-2020-8482May 29, 2020
    risk 0.00cvss epss 0.00

    Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data

  • CVE-2020-8489Apr 29, 2020
    risk 0.00cvss epss 0.00

    Insufficient protection of the inter-process communication functions in ABB System 800xA Information Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting the runtime values to be stored in the archive, or making…

  • CVE-2020-8488Apr 29, 2020
    risk 0.00cvss epss 0.00

    Insufficient protection of the inter-process communication functions in ABB System 800xA Batch Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting User Interface update during batch execution and/or compare/printing…

  • CVE-2020-8487Apr 29, 2020
    risk 0.00cvss epss 0.00

    Insufficient protection of the inter-process communication functions in ABB System 800xA Base (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.

  • CVE-2020-8486Apr 29, 2020
    risk 0.00cvss epss 0.00

    Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.

  • CVE-2020-8485Apr 29, 2020
    risk 0.00cvss epss 0.00

    Insufficient protection of the inter-process communication functions in ABB System 800xA for MOD 300 (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash.

  • CVE-2020-8484Apr 29, 2020
    risk 0.00cvss epss 0.00

    Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash.

  • CVE-2020-8478Apr 29, 2020
    risk 0.00cvss epss 0.00

    Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local system to inject data,…

  • CVE-2020-8481Apr 29, 2020
    risk 0.00cvss epss 0.02

    For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1,…

  • CVE-2020-8471Apr 29, 2020
    risk 0.00cvss epss 0.00

    For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+…

  • CVE-2020-8479Apr 29, 2020
    risk 0.00cvss epss 0.02

    For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+…

  • CVE-2020-8475Apr 29, 2020
    risk 0.00cvss epss 0.01

    For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+…

  • CVE-2020-8476Apr 29, 2020
    risk 0.00cvss epss 0.02

    For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+…

  • CVE-2020-8473Apr 28, 2020
    risk 0.00cvss epss 0.00

    Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities could…

  • CVE-2020-8472Apr 28, 2020
    risk 0.00cvss epss 0.00

    Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to…

  • CVE-2020-11420Apr 27, 2020
    risk 0.00cvss epss 0.02

    UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files and by doing this achieve access to files and directories outside the web root folder. An…

  • CVE-2020-8477Apr 22, 2020
    risk 0.00cvss epss 0.02

    The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an authenticated local user, which might lead to execution of arbitrary code.

  • CVE-2019-19107Apr 22, 2020
    risk 0.00cvss epss 0.00

    The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext (although hidden when displayed).

  • CVE-2019-19106Apr 22, 2020
    risk 0.00cvss epss 0.01

    Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing or editing user profiles and application settings.

  • CVE-2019-19105Apr 22, 2020
    risk 0.00cvss epss 0.00

    The backup function in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway saves the current settings and configuration of the application, including credentials of existing user accounts and other configuration's credentials in plaintext.

  • CVE-2019-19104Apr 22, 2020
    risk 0.00cvss epss 0.01

    The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator (URL) , violating the access-control (ACL) rules. This issue…

  • CVE-2020-8474Apr 22, 2020
    risk 0.00cvss epss 0.00

    Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction.

  • CVE-2019-10995Jan 14, 2020
    risk 0.00cvss epss 0.01

    ABB CP651 HMI products revision BSP UN30 v1.76 and prior implement hidden administrative accounts that are used during the provisioning phase of the HMI interface.

  • CVE-2019-18996Dec 18, 2019
    risk 0.00cvss epss 0.00

    Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application’s context.

  • CVE-2019-18997Dec 18, 2019
    risk 0.00cvss epss 0.02

    The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus…

  • CVE-2019-18994Dec 18, 2019
    risk 0.00cvss epss 0.01

    Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with access to the file system might be able to cause application malfunction such…

  • CVE-2019-18995Dec 18, 2019
    risk 0.00cvss epss 0.02

    The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting.

  • CVE-2019-18253Nov 27, 2019
    risk 0.00cvss epss 0.02

    An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior) outside the intended directory.

  • CVE-2019-18250Nov 25, 2019
    risk 0.00cvss epss 0.02

    In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device.

  • CVE-2019-7225Jun 27, 2019
    risk 0.00cvss epss 0.03

    The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These…

  • CVE-2019-7226Jun 27, 2019
    risk 0.00cvss epss 0.05

    The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. Specifically, /cgi/loginDefaultUser creates a session in an authenticated state and returns the session ID along with…

  • CVE-2019-7227Jun 27, 2019
    risk 0.00cvss epss 0.09

    In the ABB IDAL FTP server, an authenticated attacker can traverse to arbitrary directories on the hard disk with "CWD ../" and then use the FTP server functionality to download and upload files. An unauthenticated attacker can take advantage of the hardcoded or default…

  • CVE-2019-7228Jun 27, 2019
    risk 0.00cvss epss 0.04

    The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.

  • CVE-2019-7231Jun 24, 2019
    risk 0.00cvss epss 0.07

    The ABB IDAL FTP server is vulnerable to a buffer overflow when a long string is sent by an authenticated attacker. This overflow is handled, but terminates the process. An authenticated attacker can send a FTP command string of 472 bytes or more to overflow a buffer, causing an…

  • CVE-2019-7229Jun 24, 2019
    risk 0.00cvss epss 0.01

    The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB Panel Builder 600 over FTP." Neither of these transmission methods implements…

  • CVE-2019-7230Jun 24, 2019
    risk 0.00cvss epss 0.04

    The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Attempting to authenticate with the username %s%p%x%d will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.

  • CVE-2018-19008Feb 13, 2019
    risk 0.00cvss epss 0.02

    The TextEditor 2.0 in ABB CP400 Panel Builder versions 2.0.7.05 and earlier contain a vulnerability in the file parser of the Text Editor wherein the application doesn't properly prevent the insertion of specially crafted files which could allow arbitrary code execution.

  • CVE-2018-20720Jan 16, 2019
    risk 0.00cvss epss 0.02

    ABB Relion 630 devices 1.1 before 1.1.0.C0, 1.2 before 1.2.0.B3, and 1.3 before 1.3.0.A6 allow remote attackers to cause a denial of service (reboot) via a reboot command in an SPA message.

  • CVE-2018-18997Jan 3, 2019
    risk 0.00cvss epss 0.01

    Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the…

  • CVE-2018-18995Jan 3, 2019
    risk 0.00cvss epss 0.03

    Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers,…

Page 5 of 6