Risk Summary
Successful exploitation of this vulnerability could allow an attacker to prevent legitimate access to an affected system node, remotely cause an affected system node to stop, take control of an affected system node, or insert and run arbitrary code in an affected system node.
CVEs (1)
Remediations
- ABB recommends users apply the BSP update on affected CP600 control panels at their earliest convenience.
- New version of PB610 Panel Builder 600 v2.8.0.424, which is provided via Automation Builder 2.2 SP2.
- New version of BSP (board support package) UN31 v2.31.
- Please see ABB cybersecurity advisory document number 3ADR010376 for more information about this vulnerability, and two other security issues and their mitigations.
Affected Vendors
ABB
Affected Products (9)
ABB
·
CP620-WEB
1SAP520200R0001 | G1 with BSP <= UN31 1.76
ABB
·
CP620
1SAP520100R0001 | G1 with BSP <= UN31 1.76
ABB
·
CP630
1SAP530100R0001 | G1 with BSP <= UN31 1.76
ABB
·
CP635-WEB
1SAP535200R0001 | G1 with BSP <= UN31 1.76
ABB
·
CP620
1SAP520100R4001 | G1 with BSP <= UN31 1.76
ABB
·
CP630-WEB
1SAP530200R0001 | G1 with BSP <= UN31 1.76
ABB
·
CP635
1SAP535100R0001 | G1 with BSP <= UN31 1.76
ABB
·
CP635
1SAP535100R5001 | G1 with BSP <= UN31 1.76
ABB
·
CP635-B
1SAP535100R2001 | G1 with BSP <= UN31 1.76
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more