ICSA-26-174-05 · Published 2026-06-23
ABB Freelance Security Lock
CVSS 6.6 (MEDIUM)
Risk Summary
ABB is aware of a vulnerability in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the product to stop or make the product inaccessible.
CVEs (1)
Remediations
- ABB recommends using Freelance Extended User Management instead of Security Lock. Freelance Extended User Management is based on Windows user accounts and is available for Freelance 2019 or higher. For Freelance 2016 and earlier, please refer to chapter “General Security Information”. A fix for Freelance Security Lock is in preparation and will be announced in this updated document. Refer to section “General security recommendations” for further advice on how to keep your system secure. To reduce the likelihood of exploitation via keyboard shortcuts:
  - disable unnecessary accessibility features
  - use hardened OS configurations that suppress system-level shortcuts
  - implement BIOS/UEFI-level restrictions on keyboard input during runtime.
- Workarounds are specific measures that a user can take to help block an attack; for example, temporarily disabling the vulnerable feature may remove the exposure, with a well-known impact on functionality. ABB has tested the following workaround. Although this workaround will not correct the underlying vulnerability, it can help block known attack vectors. When a workaround reduces functionality, this is identified below as “Impact of workaround”. For Freelance 2019 and higher, ABB recommends using Freelance Extended User Management instead of Security Lock. For Freelance 2016 SP1 and older, no workaround is available.
Affected Vendors
ABB
Affected Products (8)
- ABB · System Version · <=Freelance_2013
- ABB · System Version · Freelance_2013_SP1
- ABB · System Version · Freelance_2016
- ABB · System Version · Freelance_2016_SP1
- ABB · System Version · Freelance_2019
- ABB · System Version · Freelance_2019_SP1
- ABB · System Version · Freelance_2019_SP1_FP1
- ABB · System Version · Freelance_2024
Affected Sectors
Critical Manufacturing