Sign-up

ID

VAR-201906-0218


CVE

CVE-2019-7228


TITLE

ABB PB610 IDAL HTTP server Memory Corruption Vulnerability

Trust: 0.8

sources: IVD: e95e6d50-ac70-49d1-ac71-508da06352da // CNVD: CNVD-2019-19476

DESCRIPTION

The ABB IDAL HTTP server mishandles format strings in a username or cookie during the authentication process. Attempting to authenticate with the username %25s%25p%25x%25n will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack. ABB IDAL HTTP The server contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ABBPB610 is a software designed by ABB of Switzerland for the graphical user interface of the CP600 control panel platform. IDALHTTPserver is one of the HTTP (Hypertext Transfer Protocol) servers. A memory corruption vulnerability exists in IDALHTTPserver in ABBPB610. ABB PB610 Panel Builder 600 is prone to the following vulnerabilities: 1. An authentication-bypass vulnerability 2. A directory-traversal vulnerability 3. A stack-based buffer-overflow vulnerability 5. A buffer-overflow vulnerability Attackers can exploit these issues to execute arbitrary code, access or read arbitrary files that contain sensitive information or to access files outside of the restricted directory, bypass authentication mechanism and perform unauthorized actions. Failed exploit attempts will likely cause denial-of-service conditions. ABB PB610 Panel Builder 600 version 1.91 through 2.8.0.367 are vulnerable

Trust: 2.61

sources: NVD: CVE-2019-7228 // JVNDB: JVNDB-2019-005794 // CNVD: CNVD-2019-19476 // BID: 108886 // IVD: e95e6d50-ac70-49d1-ac71-508da06352da

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e95e6d50-ac70-49d1-ac71-508da06352da // CNVD: CNVD-2019-19476

AFFECTED PRODUCTS

vendor:abbmodel:pb610 panel builder 600scope:lteversion:2.8.0.367

Trust: 1.0

vendor:abbmodel:pb610 panel builder 600scope:gteversion:1.91

Trust: 1.0

vendor:abbmodel:pb610 panel builder 600scope: - version: -

Trust: 0.8

vendor:abbmodel:pb610scope: - version: -

Trust: 0.6

vendor:abbmodel:pb610 panel builderscope:eqversion:6002.8.0.367

Trust: 0.3

vendor:abbmodel:pb610 panel builderscope:eqversion:6001.91

Trust: 0.3

vendor:abbmodel:pb610 panel builderscope:neversion:6002.8.0.424

Trust: 0.3

vendor:pb610 panel builder 600model: - scope:eqversion:*

Trust: 0.2

sources: IVD: e95e6d50-ac70-49d1-ac71-508da06352da // CNVD: CNVD-2019-19476 // BID: 108886 // JVNDB: JVNDB-2019-005794 // NVD: CVE-2019-7228

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-7228
value: HIGH

Trust: 1.0

NVD: CVE-2019-7228
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-19476
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201906-907
value: HIGH

Trust: 0.6

IVD: e95e6d50-ac70-49d1-ac71-508da06352da
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2019-7228
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-19476
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e95e6d50-ac70-49d1-ac71-508da06352da
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2019-7228
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-7228
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: e95e6d50-ac70-49d1-ac71-508da06352da // CNVD: CNVD-2019-19476 // JVNDB: JVNDB-2019-005794 // CNNVD: CNNVD-201906-907 // NVD: CVE-2019-7228

PROBLEMTYPE DATA

problemtype:CWE-134

Trust: 1.0

problemtype:CWE-119

Trust: 0.8

sources: JVNDB: JVNDB-2019-005794 // NVD: CVE-2019-7228

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201906-907

TYPE

format string error

Trust: 0.6

sources: CNNVD: CNNVD-201906-907

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-005794

PATCH
title:Multiple Vulnerabilities in ABB PB610url:https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377&LanguageCode=en&DocumentPartId=&Action=Launch
Trust: 0.8
title:ABBPB610IDALHTTPserver memory corruption vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/165541
Trust: 0.6
title:ABB PB610 IDAL HTTP server Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94039
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-19476 // 
            
            
            
            JVNDB: JVNDB-2019-005794 // 
            
            
            
            CNNVD: CNNVD-201906-907

EXTERNAL IDS
db:NVDid:CVE-2019-7228
Trust: 3.5
db:PACKETSTORMid:153404
Trust: 2.2
db:BIDid:108886
Trust: 1.9
db:ICS CERTid:ICSA-19-178-01
Trust: 1.4
db:CNVDid:CNVD-2019-19476
Trust: 0.8
db:CNNVDid:CNNVD-201906-907
Trust: 0.8
db:JVNDBid:JVNDB-2019-005794
Trust: 0.8
db:AUSCERTid:ESB-2019.2346
Trust: 0.6
db:IVDid:E95E6D50-AC70-49D1-AC71-508DA06352DA
Trust: 0.2
sources:
            
            
            IVD: e95e6d50-ac70-49d1-ac71-508da06352da // 
            
            
            
            CNVD: CNVD-2019-19476 // 
            
            
            
            BID: 108886 // 
            
            
            
            JVNDB: JVNDB-2019-005794 // 
            
            
            
            CNNVD: CNNVD-201906-907 // 
            
            
            
            NVD: CVE-2019-7228

REFERENCES
url:http://packetstormsecurity.com/files/153404/abb-idal-http-server-uncontrolled-format-string.html
Trust: 2.8
url:https://search.abb.com/library/download.aspx?documentid=3adr010377&languagecode=en&documentpartid=&action=launch
Trust: 1.9
url:http://seclists.org/fulldisclosure/2019/jun/43
Trust: 1.6
url:http://www.securityfocus.com/bid/108886
Trust: 1.6
url:https://www.us-cert.gov/ics/advisories/icsa-19-178-01
Trust: 1.4
url:https://nvd.nist.gov/vuln/detail/cve-2019-7228
Trust: 1.4
url:https://www.darkmatter.ae/xen1thlabs/abb-idal-http-server-uncontrolled-format-string-vulnerability-xl-19-012/
Trust: 1.0
url:https://new.abb.com
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-7228
Trust: 0.8
url:http-server-uncontrolled-format-string-vulnerability-xl-19-012/
Trust: 0.6
url:https://www.darkmatter.ae/xen1thlabs/abb-idal-
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.2346/
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-19476 // 
            
            
            
            BID: 108886 // 
            
            
            
            JVNDB: JVNDB-2019-005794 // 
            
            
            
            CNNVD: CNNVD-201906-907 // 
            
            
            
            NVD: CVE-2019-7228

CREDITS
Eldar Marcussen,Xen1thLabs.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201906-907

SOURCES
db:IVDid:e95e6d50-ac70-49d1-ac71-508da06352da
db:CNVDid:CNVD-2019-19476
db:BIDid:108886
db:JVNDBid:JVNDB-2019-005794
db:CNNVDid:CNNVD-201906-907
db:NVDid:CVE-2019-7228

LAST UPDATE DATE
2024-11-23T21:52:11.953000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-19476date:2019-06-27T00:00:00
db:BIDid:108886date:2019-06-13T00:00:00
db:JVNDBid:JVNDB-2019-005794date:2019-07-09T00:00:00
db:CNNVDid:CNNVD-201906-907date:2020-08-25T00:00:00
db:NVDid:CVE-2019-7228date:2024-11-21T04:47:47.873

SOURCES RELEASE DATE
db:IVDid:e95e6d50-ac70-49d1-ac71-508da06352dadate:2019-06-27T00:00:00
db:CNVDid:CNVD-2019-19476date:2019-06-27T00:00:00
db:BIDid:108886date:2019-06-13T00:00:00
db:JVNDBid:JVNDB-2019-005794date:2019-07-01T00:00:00
db:CNNVDid:CNNVD-201906-907date:2019-06-24T00:00:00
db:NVDid:CVE-2019-7228date:2019-06-27T15:15:09.230