CVE-2022-3192

Published: Mar 31, 2023Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation.This issue affects AC500 V2: from 2.0.0 before 2.8.6.

Affected (1)

Products: Abb: Ac500 Cpu Firmware

Abb

1 product

Ac500 Cpu Firmware

Configuration A

1 vulnerable · 29 platform

Vulnerable Software	Affected Versions
Abb Ac500 Cpu Firmware	From 2.0.0 to 2.8.6

Running on/with	Platform Versions
Abb Pm5630 2eth	Version 2.0
Abb Pm5650 2eth	Version 2.0
Abb Pm5670 2eth	Version 2.0
Abb Pm5675 2eth	Version 2.0
Abb Pm571 Eth V14x	Version 2.0
Abb Pm571 V14x	Version 2.0
Abb Pm572	Version 2.0
Abb Pm573 Eth	Version 2.0
Abb Pm581 Eth V14x	Version 2.0
Abb Pm581 V14x	Version 2.0
Abb Pm582	Version 2.0
Abb Pm582 Arcnet	Version 2.0
Abb Pm582 Eth	Version 2.0
Abb Pm582 V14x	Version 2.0
Abb Pm583 Eth	Version 2.0
Abb Pm585 Eth	Version 2.0
Abb Pm585 Mc Kit	Version 2.0
Abb Pm590 Arcnet V14x	Version 2.0
Abb Pm590 Eth	Version 2.0
Abb Pm590 Eth V14x	Version 2.0
Abb Pm590 Mc Kit	Version 2.0
Abb Pm590 V14x	Version 2.0
Abb Pm591 2eth	Version 2.0
Abb Pm591 Arcnet V14x	Version 2.0
Abb Pm591 Eth	Version 2.0
Abb Pm591 Eth V14x	Version 2.0
Abb Pm591 V14x	Version 2.0
Abb Pm592 Eth	Version 2.0
Abb Pm595 4eth F	Version 2.0

Related CWEs

CWE-754

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (2)

https://search.abb.com/library/Download.aspx?DocumentID=3ADR011162&LanguageCode=en&DocumentPartId=&Action=Launch

Source: cybersecurity@ch.abb.com

Vendor Advisory

https://search.abb.com/library/Download.aspx?DocumentID=3ADR011162&LanguageCode=en&DocumentPartId=&Action=Launch

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.