← Back to home
ICSA-17-222-05  ·  Published 2017-08-10  ·  View on CISA ICS-CERT ↗

ABB SREA-01 and SREA-50

CVSS 9.8 CRITICAL

Risk Summary

ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available.

CVEs (1)

Remediations

  • HMS Industrial Networks Ab created an update to resolve a publicly reported vulnerability in the ABB products listed above. Products are based on a legacy software platform which is no longer actively maintained. The problem is corrected by installing a patch that is available at the following location:
  • Note: ABB has tested the patch only with the latest revisions of the SREA-01. The patch should also be applicable to the latest revisions of the SREA-50. If an old revision of hardware is in use, it is suggested to replace the hardware either with latest revision or with some other remote monitoring tool.

Affected Vendors

ABB

Affected Products (2)

ABB · SREA-01 revisions A B C <3.31.15
ABB · SREA-50 revision A <3.32.8

Affected Sectors

Critical Manufacturing, Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more