50 matches found
CVE-2021-22278 Certificate verification vulnerability in Update Manager of PCM600 Engineering Tool
A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed...
CVE-2021-22278
CVE-2021-22278 describes an improper certificate validation in Hitachi Energy PCM600 Update Manager. Affected PCM600 Update Manager versions include 2.1, 2.1.0.4, 2.2, 2.2.0.1, 2.2.0.2, 2.2.0.23, 2.3.0.60, 2.4.20041.1, and 2.4.20119.2. According to the ICS advisory, exploitation could allow an ad...
The vulnerability of the ABB PCM600 control and configuration device allows a intruder to gain access to user passwords.
The vulnerability of the ABB PCM600 control and configuration device lies in the storage of passwords in an unencrypted form. Exploiting this vulnerability could allow a malicious actor, operating locally, to gain access to the passwords of the IEC61850 OPC server by analyzing the System.xml...
CVE-2016-4527
ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2016-4527
ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2016-4524
ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...
CVE-2016-4524
ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...
CVE-2016-4516
ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2016-4516
ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2016-4511
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...
CVE-2016-4511
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...
Default credentials
ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors...
Design/Logic Flaw
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...
Authentication flaw
ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors...
Design/Logic Flaw
ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...
CVE-2016-4527
ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2016-4516
ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2016-4511
CVE-2016-4511 concerns ABB PCM600 prior to version 2.7, where the main application password stored in ACTConfig is hashed with a weak function. This enables local attackers with read access to ACTConfig to obtain sensitive cleartext information. The vulnerability is described as a password hash/i...
CVE-2016-4524
CVE-2016-4524 affects ABB PCM600 (OPC Server IEC61850) prior to version 2.7. The vulnerability arises from insecure handling of authentication passwords: the OPC Server IEC61850 credentials are stored in clear text or unsecured temporary locations in the configuration/file artifacts, enabling a l...
CVE-2016-4511
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...