ICSA-15-069-02  ·  Published 2025-06-06

ABB HART Device DTM Vulnerability

CVSS 2.1 LOW

CVEs (1)

Remediations

  • Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Process control systems (including the 4-20 mA current loop for connecting field devices) should be physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and be separated from other networks by means of a firewall system that has a minimal number of ports exposed. Process control systems should not be used for Internet surfing, instant messaging, or receiving emails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.
  • Using a virus scanner on all Windows-based system nodes, with the latest updates and with on‑access scanning enabled, can help prevent infection by malicious or unwanted software.
  • ABB’s security bulletin, titled "SECURITY BULLETIN - HART Vulnerability in ABB Third Party Device Type Library", includes patch information regarding this vulnerability. This security bulletin is available at: http://www05.abb.com/global/scot/scot400.nsf/veritydisplay/8b6117ce372491c0c1257dea004c6536/$file/2PAA114210_-_en_SECURITY_BULLETIN_-_HART_Vulnerability_in_ABB_Third_Party_Device_Type_Library.pdf
  • ABB provides Alerts and Notifications of their products on their web site at: http://www.abb.com/cawp/abbzh254/2c9d1261d9fa1dcfc1257950002e4fbf.aspx

Affected Vendors

ABB

Affected Products (8)

ABB · ABB Third-Party Device Type Library <=1.17
ABB · 800xA - Device Management HART vers:all/*
ABB · Freelance ABB Third-Party HART DTM Library <=1.4.178.214
ABB · Freelance 800F vers:all/*
ABB · S Plus Melody ABB Third-Party HART DTM Library <=1.4.175.185
ABB · Symphony Plus with Composer Melody vers:all/*
ABB · S+Engineering for Melody vers:all/*
ABB · Composer Field vers:all/*
