Multiple ABB products are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.
Block external access at the network boundary, unless external parties require service.
If possible, block external access to the server hosting the vulnerable software. Permit access for trusted or internal networks and computers only.
Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to detect and block attacks and anomalous activity such as requests containing suspicious URI sequences. Since the webserver may log such requests, review logs regularly.
Updates are available. Please see the references or vendor advisory for more information.