ABB Fixes Hole in CP400 Panel Builder

Thursday, January 17, 2019 @ 03:01 PM gHale

ABB has new software version to handle an improper input validation vulnerability in its CP400 Panel Builder TextEditor 2.0, according to a report with NCCIC.

Successful exploitation of this vulnerability, discovered by Ivan Sanchez of NullCode, may allow an attacker to execute arbitrary code, and cause a denial-of-service condition within the Text Editor application.

RELATED STORIES
Omron Clears CX-Supervisor Holes
LCDS Fixes LAquis SCADA Holes
Tridium Fixes XSS Hole
Pilz Fixes PNOZmulti Configurator Issue

A Control Panel Software Suite, CP400PB, Panel Builder for CP405 and CP408, Versions 2.0.7.05 and prior suffer from the vulnerability.

The application contains a vulnerability in the file parser of the Text Editor wherein the application doesn’t properly prevent the insertion of specially crafted files.

CVE-2018-19008 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.0.

The product sees use in the chemical, critical manufacturing, dams, energy, food and agriculture, and water and wastewater sectors. It also sees action on a global basis.

No known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely. High skill level is needed to exploit.

ABB recommended users of affected Versions 2.0.7.05 and prior update to the latest Version 2.1.7.21.

For additional information, see the ABB advisory ABBVU-IACT-3BSE091042.
SECURITY – CP400 Panel Builder TextEditor 2.0, Improper input validation vulnerability ABBVU-IACT-3BSE091042

ABB also recommends the following security practices and firewall configurations to protect process control networks from attacks that originate from outside the network:
• Conduct or reinforce cybersecurity awareness training for users
• Follow general cybersecurity best practice recommendations for industrial control systems
• Be aware that it is possible to infect Panel Builder files with malware
• Be careful with files that are received unexpectedly and/or from unexpected sources
• Carefully inspect any files transferred between computers, scan them with up-to-date antivirus software, so that only legitimate files are transferred
• Manage user accounts following the principle of least privilege

More information on recommended practices can be found in ABB’s Security for Industrial Automation and Control Systems paper – 3BSE032547.



Leave a Reply

You must be logged in to post a comment.