CVE-2019-10995

ABB CP651 HMI products revision BSP UN30 v1.76 and prior implement hidden administrative accounts that are used during the provisioning phase of the HMI interface.
References
Link Resource
http://www.securityfocus.com/bid/108928 Third Party Advisory VDB Entry
https://www.us-cert.gov/ics/advisories/icsa-19-178-02 Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:abb:cp651_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:cp651:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:abb:cp651-web_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:cp651-web:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:abb:cp661-web_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:cp661-web:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:abb:cp661_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:cp661:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:abb:cp665_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:cp665:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:abb:cp665-web_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:cp665-web:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:abb:cp676-web_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:cp676-web:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:abb:cp676_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:abb:cp676:-:*:*:*:*:*:*:*

Information

Published : 2020-01-14 09:15

Updated : 2020-01-24 05:53


NVD link : CVE-2019-10995

Mitre link : CVE-2019-10995


JSON object : View

CWE
CWE-798

Use of Hard-coded Credentials

Advertisement

dedicated server usa

Products Affected

abb

  • cp661-web_firmware
  • cp665_firmware
  • cp676-web
  • cp661-web
  • cp676
  • cp651_firmware
  • cp651-web
  • cp665-web
  • cp676_firmware
  • cp661
  • cp651
  • cp665-web_firmware
  • cp676-web_firmware
  • cp661_firmware
  • cp651-web_firmware
  • cp665