Vulnerability identifier: #VU13900

Vulnerability risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:W/RC:C]

CVE-ID: CVE-2018-10616

CWE-ID: CWE-20

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Panel Builder 800
Universal components / Libraries / Software for developers

Vendor: ABB

Description

The vulnerability allows a local attacker to execute arbitrary code on the target system.

The vulnerability exists due to an error when processing malicious input. A local attacker can trick the victim into opening a specially crafted file, insert and run arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation
To fix the vulnerability vendor published the following workarounds:

• Conduct or reinforce cybersecurity awareness training for users of Panel Builder 800:
  • Describing general cybersecurity best practice recommendations for industrial control systems,
  • Informing that it is possible to infect Panel Builder files with malware,
  • Describing the importance of being careful with files that are received unexpectedly and/or from unexpected sources.
• Carefully inspecting any files transferred between computers, including scanning them with up-to-date antivirus software, so that only the legitimate files are being transferred.
• User account management, appropriate authentication and permission management using the principle of least privilege.

Vulnerable software versions

Panel Builder 800: All versions

---

External links
http://search-ext.abb.com/library/Download.aspx?DocumentID=3BSE092089&Action=Launch

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.