In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device.
References
Link | Resource |
---|---|
https://iotsecuritynews.com/abb-power-generation-information-manager-pgim-and-plant-connect/ | Third Party Advisory |
https://www.us-cert.gov/ics/advisories/icsa-19-318-05 | Not Applicable Permissions Required Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2019-11-25T23:13:29
Updated: 2019-11-25T23:13:29
Reserved: 2019-10-22T00:00:00
Link: CVE-2019-18250
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-11-26T00:15:11.780
Modified: 2021-10-29T19:11:02.377
Link: CVE-2019-18250
JSON object: View
Redhat Information
No data.