CVE-2019-10995

EPSS 0.13%
Veröffentlicht 14.01.2020 17:15:12
Zuletzt bearbeitet 21.11.2024 04:20:18
Quelle ics-cert@hq.dhs.gov
Teams Watchlist Login
Unerledigt Login

ABB CP651 HMI products revision BSP UN30 v1.76 and prior implement hidden administrative accounts that are used during the provisioning phase of the HMI interface.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Abb ≫ Cp651 Firmware Version <= bsp_un30_1.76

Abb ≫ Cp651 Version-

Abb ≫ Cp651-web Firmware Version <= bsp_un30_1.76

Abb ≫ Cp651-web Version-

Abb ≫ Cp661-web Firmware Version <= bsp_un30_1.76

Abb ≫ Cp661-web Version-

Abb ≫ Cp661 Firmware Version <= bsp_un30_1.76

Abb ≫ Cp661 Version-

Abb ≫ Cp665 Firmware Version <= bsp_un30_1.76

Abb ≫ Cp665 Version-

Abb ≫ Cp665-web Firmware Version <= bsp_un30_1.76

Abb ≫ Cp665-web Version-

Abb ≫ Cp676-web Firmware Version <= bsp_un30_1.76

Abb ≫ Cp676-web Version-

Abb ≫ Cp676 Firmware Version <= bsp_un30_1.76

Abb ≫ Cp676 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.335

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	5.8	6.5	6.4	AV:A/AC:L/Au:N/C:P/I:P/A:P

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

http://www.securityfocus.com/bid/108928

Third Party Advisory

VDB Entry

https://www.us-cert.gov/ics/advisories/icsa-19-178-02

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2019-10995

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-10995

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-10995

EUVD