ABB DataManagerPro Credential Management Vulnerability

CVEs (1)

Remediations

• ABB has produced a new version (Version 1.7.1) to mitigate this vulnerability. ABB recommends that users apply the update at their earliest convenience. Users may find more information in ABB’s security advisory (ABB-VU-BUMP-089290) located on its web site at the following location: (https://library.e.abb.com/public/93e52dbfd6ab4f64aa435973ccf1b6e2/9ADB005557_ABB_SoftwareVulnerabilityHandlingAdvisory_DMPro.pdf)
• ABB recommends security practices and firewall configurations to help protect systems from attacks that originate from outside the network. Such practices include: Carefully inspect any files transferred between computers, including scanning them with up‑to‑date antivirus software, so that only legitimate files may be transferred. User account management, appropriate authentificaton and permission management using the principle of least privilege.
• More information on recommended practices can be found in the following ABB document: 3BSE032547, Whitepaper - Security for Industrial Automation and Control Systems

Affected Vendors

Affected Products (1)