First published: Mon Jun 24 2019(Updated: )
The ABB IDAL FTP server is vulnerable to a buffer overflow when a long string is sent by an authenticated attacker. This overflow is handled, but terminates the process. An authenticated attacker can send a FTP command string of 472 bytes or more to overflow a buffer, causing an exception that terminates the server.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
ABB PB610 Panel Builder 600 Firmware | >=1.91<=2.8.0.367 | |
ABB Panel Builder 600 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-7231 is classified as a high severity vulnerability due to its potential to cause denial of service through a buffer overflow.
To fix CVE-2019-7231, update the ABB PB610 Panel Builder 600 firmware to version 2.8.0.367 or later.
An authenticated attacker with access to the ABB IDAL FTP server can exploit CVE-2019-7231.
Exploitation of CVE-2019-7231 can terminate the FTP server process, causing service disruption.
CVE-2019-7231 affects ABB PB610 Panel Builder 600 firmware versions from 1.91 up to 2.8.0.367.