4 matches found
CVE-2016-4527
CVE-2016-4527 affects ABB PCM600. PTSecurity reports insecure password storage: PCM600 authentication accounts are stored as ASCII hex in manual program DB files, enabling a local attacker with access to PCM600 to obtain credentials. The vulnerability stems from how credentials are stored and is ...
CVE-2016-4516
CVE-2016-4516 affects ABB PCM600 (pre-2.7) where the main application password is stored insecurely after a change, allowing local attackers with access to obtain the password from the configuration/file storage. Multiple sources (NVD/NIST, ICS-CERT advisory ICSA-16-152-02, CNVD/CVEs, and Positiv...
CVE-2016-4511
CVE-2016-4511 concerns ABB PCM600 prior to version 2.7, where the main application password stored in ACTConfig is hashed with a weak function. This enables local attackers with read access to ACTConfig to obtain sensitive cleartext information. The vulnerability is described as a password hash/i...
CVE-2016-4524
CVE-2016-4524 affects ABB PCM600 (OPC Server IEC61850) prior to version 2.7. The vulnerability arises from insecure handling of authentication passwords: the OPC Server IEC61850 credentials are stored in clear text or unsecured temporary locations in the configuration/file artifacts, enabling a l...