ABB Panel Builder 800 DLL Hijacking Vulnerability (Update A)

CVEs (1)

Remediations

• ABB recommends that any new projects use Panel Builder 800 Version 6.0.
• Files transferred between computers should be carefully inspected, including scanning with up-to-date antivirus software and plausibility checks for the file types to be transferred, e.g., by a file transfer proxy enforcing restrictions.
• User account management, appropriate authentication, and permission management use the principle of least privilege.
• ABB has developed and tested the following workaround. It will not correct the underlying vulnerability, but it will block the known attack vector: Remove the association of .pba files with the Panel Builder 800 Version 5.1. This can be done via: Control Panel\Programs\Default Programs\Set Associations. This workaround has the impact that it will no longer be possible to start the Panel Builder 800 Version 5.1 by a double click of a panel 800 project file. The Panel Builder 800 Version 5.1 will need to be started from a link provided by the product installation, e.g., in the Windows Start menu.
• ABB has produced an advisory for this vulnerability: (https://library.e.abb.com/public/ad52594ac29c4b088a62f199f04ab3b3/3BSE086156_-_en_SECURITY_Advisory_-_Panel_Builder_800_5.x_vulnerability.pdf)

Affected Vendors

Affected Products (1)