CVE-2019-7229

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB Panel Builder 600 over FTP." Neither of these transmission methods implements any form of encryption or authenticity checks against the new firmware HMI software binary files.
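| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 8.3 HIGH | ADJACENT_NETWORK | HIGH | NONE | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H |
| mitre | CNA | --- | | | | --- |
| CVE | ADP | --- | | | | --- |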
EPSS Score Percentile: 25%
| Vendor | Product | Version |
|---|---|---|
| abb | board_support_package_un31 | 𝑥 < 2.31 |
| abb | cp620_firmware | 𝑥 < 2.8.0.424 |
| abb | cp620-web_firmware | 𝑥 < 2.8.0.424 |
| abb | cp630_firmware | 𝑥 < 2.0.8.424 |
| abb | cp630-web_firmware | 𝑥 < 2.8.0.424 |
| abb | cp635_firmware | 𝑥 < 2.8.0.424 |
| abb | cp635-b_firmware | 𝑥 < 2.8.0.424 |
| abb | cp635-web_firmware | 𝑥 < 2.8.0.424 |

𝑥 = Vulnerable software versions