CVE-2019-7225

Published: Jun 27, 2019Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components.

Affected (16)

Products: Abb: Cp620 Firmware, Cp620 Web Firmware, Cp630 Firmware, Cp630 Web Firmware, Cp635 Firmware, Cp635 B Firmware, Cp635 Web Firmware, Pb610 Firmware, Cp651 Web Firmware, Cp661 Firmware, Cp661 Web Firmware, Cp665 Firmware, Cp665 Web Firmware, Cp676 Firmware, Cp676 Web Firmware, Cp651 Firmware

16 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp620 Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp620	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp620 Web Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp620 Web	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp630 Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp630	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp630 Web Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp630 Web	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp635 Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp635	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp635 B Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp635 B	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp635 Web Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp635 Web	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Pb610 Firmware	From 1.91 to 2.8.0.3674

Running on/with	Platform Versions
Abb Pb610	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp651 Web Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp651 Web	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp661 Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp661	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp661 Web Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp661 Web	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp665 Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp665	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp665 Web Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp665 Web	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp676 Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp676	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp676 Web Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp676 Web	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Abb Cp651 Firmware	Up to 1.76

Running on/with	Platform Versions
Abb Cp651	All versions

Related CWEs

CWE-798

Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

References (8)

http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2019/Jun/38

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/108922

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/

Source: cve@mitre.org

ExploitPatchThird Party Advisory

http://packetstormsecurity.com/files/153397/ABB-HMI-Hardcoded-Credentials.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2019/Jun/38

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/108922

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.darkmatter.ae/xen1thlabs/abb-hmi-hardcoded-credentials-vulnerability-xl-19-009/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchThird Party Advisory

Timeline

No history available yet.