First published: Mon Jun 24 2019(Updated: )
The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB Panel Builder 600 over FTP." Neither of these transmission methods implements any form of encryption or authenticity checks against the new firmware HMI software binary files.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Abb Board Support Package Un31 | <2.31 | |
Abb Cp620 Firmware | <2.8.0.424 | |
Abb Cp620 | ||
Abb Cp620-web Firmware | <2.8.0.424 | |
Abb Cp620-web | ||
Abb Cp630 Firmware | <2.0.8.424 | |
Abb Cp630 | ||
Abb Cp630-web Firmware | <2.8.0.424 | |
Abb Cp630-web | ||
Abb Cp635 Firmware | <2.8.0.424 | |
ABB CP635 | ||
Abb Cp635-b Firmware | <2.8.0.424 | |
Abb Cp635-b | ||
Abb Cp635-web Firmware | <2.8.0.424 | |
Abb Cp635-web |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.