CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

ABB : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2008-2474 119 Exec Code Overflow 2008-09-29 2018-10-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in x87 before 3.5.5 in ABB Process Communication Unit 400 (PCU400) 4.4 through 4.6 allows remote attackers to execute arbitrary code via a crafted packet using the (1) IEC60870-5-101 or (2) IEC60870-5-104 communication protocol to the X87 web interface.
2 CVE-2012-0245 119 Exec Code Overflow 2012-03-09 2012-10-30
10.0
None Remote Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Robot Communications Runtime before 5.14.02, as used in ABB Interlink Module, IRC5 OPC Server, PC SDK, PickMaster 3 and 5, RobView 5, RobotStudio, WebWare SDK, and WebWare Server, allow remote attackers to execute arbitrary code via a crafted (1) 0xA or (2) 0xE Netscan packet.
3 CVE-2012-1801 119 Exec Code Overflow 2012-04-18 2017-12-20
7.7
None Local Network Low ??? Complete Complete Complete
Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data.
4 CVE-2013-5021 22 Dir. Trav. 2013-08-06 2013-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Multiple absolute path traversal vulnerabilities in National Instruments cwui.ocx, as used in National Instruments LabWindows/CVI 2012 SP1 and earlier, National Instruments LabVIEW 2012 SP1 and earlier, the Data Analysis component in ABB DataManager 1 through 6.3.6, and other products allow remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method in the (1) CWNumEdit, (2) CWGraph, (3) CWBoolean, (4) CWSlide, or (5) CWKnob ActiveX control, in conjunction with file content in the (a) Caption or (b) FormatString property value.
5 CVE-2014-5430 +Priv 2014-11-07 2014-11-07
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in ABB RobotStudio 5.6x before 5.61.02 and Test Signal Viewer 1.5 allows local users to gain privileges via a Trojan horse DLL that is accessed as a result of incorrect DLL configuration by an optional installation program.
6 CVE-2016-2281 264 +Priv 2016-03-18 2016-03-21
6.0
None Local High ??? Complete Complete Complete
Untrusted search path vulnerability in ABB Panel Builder 800 5.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
7 CVE-2016-4511 310 +Info 2016-06-10 2016-06-17
1.9
None Local Medium Not required Partial None None
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file.
8 CVE-2016-4516 200 +Info 2016-06-10 2016-06-15
2.1
None Local Low Not required Partial None None
ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors.
9 CVE-2016-4524 310 +Info 2016-06-10 2016-06-15
2.1
None Local Low Not required Partial None None
ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors.
10 CVE-2016-4527 255 +Info 2016-06-10 2016-06-15
1.9
None Local Medium Not required Partial None None
ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors.
11 CVE-2017-16731 522 2017-12-20 2019-10-09
2.9
None Local Network Medium Not required Partial None None
An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (including Ellipse Select). A vulnerability exists in the authentication of Ellipse to LDAP/AD using the LDAP protocol. An attacker could exploit the vulnerability by sniffing local network traffic, allowing the discovery of authentication credentials.
12 CVE-2018-5477 200 +Info 2018-02-20 2019-10-09
5.0
None Remote Low Not required Partial None None
An Information Exposure issue was discovered in ABB netCADOPS Web Application Version 3.4 and prior, netCADOPS Web Application Version 7.1 and prior, netCADOPS Web Application Version 7.2x and prior, netCADOPS Web Application Version 8.0 and prior, and netCADOPS Web Application Version 8.1 and prior. A vulnerability exists in the password entry section of netCADOPS Web Application that may expose critical database information.
13 CVE-2018-10616 20 2018-07-18 2019-10-09
9.3
None Remote Medium Not required Complete Complete Complete
ABB Panel Builder 800 all versions has an improper input validation vulnerability which may allow an attacker to insert and run arbitrary code on a computer where the affected product is used.
14 CVE-2018-14805 287 2018-08-29 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.
15 CVE-2019-7229 494 2019-06-24 2022-01-01
5.4
None Local Network Medium Not required Partial Partial Partial
The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB Panel Builder 600 over FTP." Neither of these transmission methods implements any form of encryption or authenticity checks against the new firmware HMI software binary files.
16 CVE-2019-18250 287 Bypass 2019-11-26 2021-10-29
7.5
None Remote Low Not required Partial Partial Partial
In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device.
17 CVE-2019-18994 20 DoS 2019-12-18 2019-12-31
3.5
None Remote Medium ??? None None Partial
Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with access to the file system might be able to cause application malfunction such as denial of service.
18 CVE-2019-18995 20 DoS 2019-12-18 2019-12-31
5.0
None Remote Low Not required None None Partial
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting.
19 CVE-2019-18996 426 Exec Code 2019-12-18 2020-02-10
4.4
None Local Medium Not required Partial Partial Partial
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application’s context.
20 CVE-2019-18997 2019-12-18 2020-10-22
5.0
None Remote Low Not required Partial None None
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting unauthorized file access.
21 CVE-2019-18998 639 2020-02-17 2022-01-01
5.5
None Remote Low ??? Partial Partial None
Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resource's URL can access the resource directly.
22 CVE-2019-19000 200 +Info 2020-04-02 2020-04-03
6.4
None Remote Low Not required Partial Partial None
For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information.
23 CVE-2019-19001 1021 2020-04-02 2020-04-03
4.3
None Remote Medium Not required Partial None None
For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. This can potentially allow 'ClickJacking' attacks where an attacker can frame parts of the application on a malicious web site, revealing sensitive user information such as authentication credentials.
24 CVE-2019-19002 79 XSS 2020-04-02 2020-04-03
3.5
None Remote Medium ??? None Partial None
For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might increase the risk of Cross Site Scripting.
25 CVE-2019-19003 79 XSS 2020-04-02 2020-04-03
4.3
None Remote Medium Not required None Partial None
For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. This can allow Javascript to access the cookie contents, which in turn might enable Cross Site Scripting.
26 CVE-2019-19089 94 Exec Code 2020-04-02 2020-10-19
4.3
None Remote Medium Not required None Partial None
For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. A possible attack scenario would be unauthorized code execution via text interpreted as JavaScript.
27 CVE-2019-19090 311 2020-04-02 2020-04-03
3.5
None Remote Medium ??? Partial None None
For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping.
28 CVE-2019-19091 200 +Info 2020-04-02 2020-04-03
4.0
None Remote Low ??? Partial None None
For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detail information to specifically craft the attack.
29 CVE-2019-19092 306 2020-04-02 2020-04-03
3.5
None Remote Medium ??? Partial None None
ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed.
30 CVE-2019-19093 521 2020-04-02 2020-04-03
6.4
None Remote Low Not required Partial Partial None
eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in lower access security due to insecure user passwords.
31 CVE-2019-19094 89 Sql 2020-04-02 2020-04-03
6.5
None Remote Low ??? Partial Partial Partial
Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might allow an attacker SQL injection attacks against the backend database.
32 CVE-2019-19095 79 XSS 2020-04-02 2020-04-03
3.5
None Remote Medium ??? None Partial None
Lack of adequate input/output validation for ABB eSOMS versions 4.0 to 6.0.2 might allow an attacker to attack such as stored cross-site scripting by storing malicious content in the database.
33 CVE-2019-19096 522 2020-04-02 2020-04-03
3.6
None Local Low Not required Partial Partial None
The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality.
34 CVE-2019-19097 326 2020-04-02 2020-04-03
4.3
None Remote Medium Not required Partial None None
ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection.
35 CVE-2020-8471 276 Exec Code 2020-04-29 2020-06-09
4.6
None Local Low Not required Partial Partial Partial
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, weak file permissions allow an authenticated attacker to block the license handling, escalate his/her privileges and execute arbitrary code.
36 CVE-2020-8472 732 2020-04-29 2020-05-14
6.8
None Local Low Not required Partial Complete Complete
Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploited the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications.
37 CVE-2020-8473 732 2020-04-29 2020-05-14
6.8
None Local Low Not required Partial Complete Complete
Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications.
38 CVE-2020-8474 269 2020-04-22 2020-04-30
4.6
None Local Low Not required Partial Partial Partial
Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction.
39 CVE-2020-8475 20 2020-04-29 2020-06-09
2.1
None Local Low Not required None None Partial
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, a weakness in validation of input exists that allows an attacker to block license handling by sending specially crafted messages to the CLS web service.
40 CVE-2020-8476 20 2020-04-29 2020-06-09
5.0
None Remote Low Not required None Partial None
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, a weakness in validation of input exists that allows an attacker to alter licenses assigned to the system nodes by sending specially crafted messages to the CLS web service.
41 CVE-2020-8477 79 Exec Code XSS 2020-04-22 2020-04-30
6.8
None Remote Medium Not required Partial Partial Partial
The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an authenticated local user, which might lead to execution of arbitrary code.
42 CVE-2020-8478 74 2020-04-29 2020-05-13
2.1
None Local Low Not required None Partial None
Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local system to inject data, affecting the online view of runtime data shown in Control Builder.
43 CVE-2020-8479 91 2020-04-29 2020-06-09
7.5
None Remote Low Not required Partial Partial Partial
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, an XML External Entity Injection vulnerability exists that allows an attacker to read or call arbitrary files from the license server and/or from the network and also block the license handling.
44 CVE-2020-8481 922 2020-04-29 2021-09-14
10.0
None Remote Low Not required Complete Complete Complete
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, confidential data is written in an unprotected file. An attacker who successfully exploited this vulnerability could take full control of the computer.
45 CVE-2020-8482 922 2020-05-29 2020-06-01
2.1
None Local Low Not required Partial None None
Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data
46 CVE-2020-8484 2020-04-29 2020-05-08
4.6
None Local Low Not required Partial Partial Partial
Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash.
47 CVE-2020-8485 2020-04-29 2020-05-07
4.6
None Local Low Not required Partial Partial Partial
Insufficient protection of the inter-process communication functions in ABB System 800xA for MOD 300 (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash.
48 CVE-2020-8486 2020-04-29 2020-05-07
4.6
None Local Low Not required Partial Partial Partial
Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.
49 CVE-2020-8487 2020-04-29 2020-05-08
4.6
None Local Low Not required Partial Partial Partial
Insufficient protection of the inter-process communication functions in ABB System 800xA Base (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.
50 CVE-2020-8488 2020-04-29 2020-05-08
4.6
None Local Low Not required Partial Partial Partial
Insufficient protection of the inter-process communication functions in ABB System 800xA Batch Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting User Interface update during batch execution and/or compare/printing functionalities.
Total number of vulnerabilities : 65   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.