ABB has a mitigation plan to handle an improper authentication vulnerability in its CMS-770, according to a report with NCCIC.
Successful exploitation of this vulnerability, discovered by Maxim Rupp (RuppIT), may allow an attacker to read sensitive configuration files that may lead to code execution on the device.
CMS-770: Software Versions 1.7.1 and prior from the ABB and Busch-Jaeger brands. The vulnerability is exploitable from an adjacent network.
An attacker can read sensitive configuration files by bypassing the user authentication mechanism.
CVE-2018-17928 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.8.
The product sees use in multiple manufacturing sectors. It also sees action on a global basis.
No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.
ABB recommends installing the device in accordance with the latest instructions from the updated technical manual. For additional information, refer to ABB’s security notification ABBVU-EPBP-R-5673 and the product user manual.