HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 Improper Input Validation Vulnerability

Summary

HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 suffers from  improper input validation vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466&LanguageCode=en&DocumentPartId=&Action=Launch


Details

The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting.

 

Vulnerable Systems:

ABB PB610 Panel Builder 600 versions 2.8.0.424

 

CVE Information:

CVE-2019-18995

 

Disclosure Timeline:
Published Date:12/18/2019

Categories: FeaturedNews