CVE-2019-18996 - OpenCVE

Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application’s context.

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Abb	Pb610 Panel Builder 600

Configuration 1 [-]

cpe:2.3:a:abb:pb610_panel_builder_600:*:*:*:*:*:*:*:*

References

Link	Resource
http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466&LanguageCode=en&DocumentPartId=&Action=Launch	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: ABB

Published: 2019-12-18T20:24:44

Updated: 2019-12-18T20:24:44

Reserved: 2019-11-15T00:00:00

Link: CVE-2019-18996

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-12-18T21:15:13.507

Modified: 2023-02-03T17:22:11.960

Link: CVE-2019-18996

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "PB610 Panel Builder 600", "vendor": "ABB", "versions": [{"lessThanOrEqual": "2.8.0.424", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "NSFOCUS for providing vulnerability details and proof of concept."}], "descriptions": [{"lang": "en", "value": "Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application\u2019s context."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-424", "description": "CWE-424 Improper Protection of Alternate Path", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-12-18T20:24:44", "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "shortName": "ABB"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466&LanguageCode=en&DocumentPartId=&Action=Launch"}], "source": {"defect": ["ABBVU-RAMF-1908003"], "discovery": "UNKNOWN"}, "title": "ABB PB610 HMIStudio accepts malicious DLL file in an application", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@ch.abb.com", "ID": "CVE-2019-18996", "STATE": "PUBLIC", "TITLE": "ABB PB610 HMIStudio accepts malicious DLL file in an application"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "PB610 Panel Builder 600", "version": {"version_data": [{"version_affected": "<=", "version_value": "2.8.0.424"}]}}]}, "vendor_name": "ABB"}]}}, "credit": [{"lang": "eng", "value": "NSFOCUS for providing vulnerability details and proof of concept."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application\u2019s context."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-424 Improper Protection of Alternate Path"}]}]}, "references": {"reference_data": [{"name": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466&LanguageCode=en&DocumentPartId=&Action=Launch", "refsource": "MISC", "url": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466&LanguageCode=en&DocumentPartId=&Action=Launch"}]}, "source": {"defect": ["ABBVU-RAMF-1908003"], "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "assignerShortName": "ABB", "cveId": "CVE-2019-18996", "datePublished": "2019-12-18T20:24:44", "dateReserved": "2019-11-15T00:00:00", "dateUpdated": "2019-12-18T20:24:44", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:abb:pb610_panel_builder_600:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A9714CC-B58C-4D3E-A618-8C8146032D6B", "versionEndIncluding": "2.8.0.424", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application\u2019s context."}, {"lang": "es", "value": "La configuraci\u00f3n de ruta en el componente HMIStudio de ABB PB610 Panel Builder 600 versiones 2.8.0.424 y anteriores acepta archivos DLL fuera del directorio del programa, lo que potencialmente permite a un atacante con acceso al sistema de archivos local la ejecuci\u00f3n de c\u00f3digo en el contexto de la aplicaci\u00f3n."}], "id": "CVE-2019-18996", "lastModified": "2023-02-03T17:22:11.960", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 4.7, "source": "cybersecurity@ch.abb.com", "type": "Secondary"}]}, "published": "2019-12-18T21:15:13.507", "references": [{"source": "cybersecurity@ch.abb.com", "tags": ["Third Party Advisory"], "url": "http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466&LanguageCode=en&DocumentPartId=&Action=Launch"}], "sourceIdentifier": "cybersecurity@ch.abb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-424"}], "source": "cybersecurity@ch.abb.com", "type": "Secondary"}]}