Vulnerability Description
ABB CP651 HMI products revision BSP UN30 v1.76 and prior implement hidden administrative accounts that are used during the provisioning phase of the HMI interface.
CVSS Score
8.8
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Abb | Cp651 Firmware | <= bsp_un30_1.76 |
| Abb | Cp651 | - |
| Abb | Cp651-Web Firmware | <= bsp_un30_1.76 |
| Abb | Cp651-Web | - |
| Abb | Cp661-Web Firmware | <= bsp_un30_1.76 |
| Abb | Cp661-Web | - |
| Abb | Cp661 Firmware | <= bsp_un30_1.76 |
| Abb | Cp661 | - |
| Abb | Cp665 Firmware | <= bsp_un30_1.76 |
| Abb | Cp665 | - |
| Abb | Cp665-Web Firmware | <= bsp_un30_1.76 |
| Abb | Cp665-Web | - |
| Abb | Cp676-Web Firmware | <= bsp_un30_1.76 |
| Abb | Cp676-Web | - |
| Abb | Cp676 Firmware | <= bsp_un30_1.76 |
| Abb | Cp676 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/108928Third Party AdvisoryVDB Entry
- https://www.us-cert.gov/ics/advisories/icsa-19-178-02Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/108928Third Party AdvisoryVDB Entry
- https://www.us-cert.gov/ics/advisories/icsa-19-178-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2019-10995?
CVE-2019-10995 is a vulnerability with a CVSS score of 8.8 (HIGH). ABB CP651 HMI products revision BSP UN30 v1.76 and prior implement hidden administrative accounts that are used during the provisioning phase of the HMI interface.
How severe is CVE-2019-10995?
CVE-2019-10995 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-10995?
Check the references section above for vendor advisories and patch information. Affected products include: Abb Cp651 Firmware, Abb Cp651, Abb Cp651-Web Firmware, Abb Cp651-Web, Abb Cp661-Web Firmware.