CVE-2019-7225

Exploit

EPSS 0.22%
Published 27.06.2019 17:15:15
Last modified 21.11.2024 04:47:47
Source cve@mitre.org
Teams watchlist Login
Open Login

The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components.

Affected products Warnungen 0 Metrics 3 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Abb ≫ Cp620 Firmware Version <= 1.76

Abb ≫ Cp620 Version-

Abb ≫ Cp620-web Firmware Version <= 1.76

Abb ≫ Cp620-web Version-

Abb ≫ Cp630 Firmware Version <= 1.76

Abb ≫ Cp630 Version-

Abb ≫ Cp630-web Firmware Version <= 1.76

Abb ≫ Cp630-web Version-

Abb ≫ Cp635 Firmware Version <= 1.76

Abb ≫ Cp635 Version-

Abb ≫ Cp635-b Firmware Version <= 1.76

Abb ≫ Cp635-b Version-

Abb ≫ Cp635-web Firmware Version <= 1.76

Abb ≫ Cp635-web Version-

Abb ≫ Pb610 Firmware Version >= 1.91 <= 2.8.0.3674

Abb ≫ Pb610 Version-

Abb ≫ Cp651-web Firmware Version <= 1.76

Abb ≫ Cp651-web Version-

Abb ≫ Cp661 Firmware Version <= 1.76

Abb ≫ Cp661 Version-

Abb ≫ Cp661-web Firmware Version <= 1.76

Abb ≫ Cp661-web Version-

Abb ≫ Cp665 Firmware Version <= 1.76

Abb ≫ Cp665 Version-

Abb ≫ Cp665-web Firmware Version <= 1.76

Abb ≫ Cp665-web Version-

Abb ≫ Cp676 Firmware Version <= 1.76

Abb ≫ Cp676 Version-

Abb ≫ Cp676-web Firmware Version <= 1.76

Abb ≫ Cp676-web Version-

Abb ≫ Cp651 Firmware Version <= 1.76

Abb ≫ Cp651 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.22%	0.45

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	5.8	6.5	6.4	AV:A/AC:L/Au:N/C:P/I:P/A:P

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html

Third Party Advisory

VDB Entry

http://seclists.org/fulldisclosure/2019/Jun/38

Third Party Advisory

Mailing List

http://www.securityfocus.com/bid/108922

Third Party Advisory

VDB Entry

https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/

Patch

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2019-7225

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-7225

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-7225

EUVD