ABB Working Toward Heartbleed Patch

Wednesday, May 7, 2014 @ 02:05 PM gHale

ABB found a Heartbleed vulnerability in its Relion 650 series application and is in the process of creating a patch that mitigates the remotely exploitable vulnerability, according to a report on ICS-CERT.

The 650 series Ver 1.3.0 suffers from the issue. Exploits that target this vulnerability are publicly available.

Ecava Info Disclosure Vulnerability
Siemens Updates Heartbleed Fixes
Siemens Fixing Heartbleed Vulnerability
InduSoft Web Studio Vulnerability

A missing bounds check in the handling of the TLS heartbeat extension can end up used to reveal up to 64 kB of memory on a connected device. An attacker who successfully exploits this vulnerability may obtain the user credentials and cryptographic keys used to access the device.

ABB is a Swiss-based company that maintains offices in several countries around the world. ABB develops products in multiple critical sectors that see use worldwide.

The affected product, 650 series Ver 1.3.0 family, provides protection, control, measurement, and supervision of power systems specifically supporting bay control, transformer protection, line distance protection, generator protection, busbar protection, and breaker protection. These products support the electrical sector SCADA systems.

The 650 series Ver 1.3.0 devices use the vulnerable version of OpenSSL 1.0.1c. This affects parts of the FTPS protocol and the tool access protocol. Both of these protocols use the OpenSSL component.

CVE-2014-0160 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 5.0.

An attacker with a moderate skill would be able to exploit this vulnerability.

The ABB cyber security team issues product alerts and advisories at its web site. Once on the site, open the link to Alerts & Notifications.

Click here for the OpenSSL Heartbleed Vulnerability in the 650 series Ver 1.3.0 (ABB-VU-PSAC-1MRG016193).

ABB is currently working toward a maintenance release in order to provide protection to its customers.

If user-defined accounts ended up used, the passwords of those should also change. Cryptographic keys regenerate by temporarily changing IP-address or IEC61850 name of the device.

Additional information is available from the ABB service organizations.

Leave a Reply

You must be logged in to post a comment.