21 matches found
EUVD-2016-5511
Malware in sbrugna...
EUVD-2016-5514
Malware in sbrugna...
EUVD-2016-5498
Malware in sbrugna...
CVE-2016-4527
ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2016-4527
ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2016-4524
ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...
CVE-2016-4516
ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2016-4511
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...
Default credentials
ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors...
Design/Logic Flaw
ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...
CVE-2016-4516
ABB PCM600 before 2.7 improperly stores the main application password after a password change, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2016-4511
ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to the ACTConfig configuration file...
CVE-2016-4527
ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors...
CVE-2016-4524
ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors...
CVE-2016-4524
CVE-2016-4524 affects ABB PCM600 (OPC Server IEC61850) prior to version 2.7. The vulnerability arises from insecure handling of authentication passwords: the OPC Server IEC61850 credentials are stored in clear text or unsecured temporary locations in the configuration/file artifacts, enabling a l...
CVE-2016-4516
CVE-2016-4516 affects ABB PCM600 (pre-2.7) where the main application password is stored insecurely after a change, allowing local attackers with access to obtain the password from the configuration/file storage. Multiple sources (NVD/NIST, ICS-CERT advisory ICSA-16-152-02, CNVD/CVEs, and Positiv...
ABB PCM600 Credential Protection Vulnerability
The ABB PCM600 is a protection and control IED manager, primarily used in the energy industry. A vulnerability exists in the way the ABB PCM600 OPC Server IEC61850 authentication password is temporarily protected. A local attacker could exploit this vulnerability to access the affected device...
PT-2016-11: Insecure Authentication Data Storage in ABB PCM600
The specialists of the Positive Research center have detected an Insecure Password Storage vulnerability in ABB PCM600. PCM600 authentication accounts are stored as ASCII hex values in the manual program DB files. An attacker can get access to PCM600. How to fix Update your software up to the...
PT-2016-10: Insecure Password Storage in ABB PCM600
The specialists of the Positive Research center have detected an Insecure Password Storage vulnerability in ABB PCM600. The OPC Server IEC61850 authentication password is stored as a clear text in the configuration file and manual project. As a result an attacker can get access to the IEC61850...
PT-2016-08: Weak Password Hashing in ABB PCM600
The specialists of the Positive Research center have detected a Weak password hashing vulnerability in ABB PCM600. A Main Application Password in the "ACTConfig" configuration file hashed by the weak function with the hardcoded key and the initialization vector. It is easy to decrypt the password...