ABB.PGIM.and.Plant.Connect.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in ABB PGIM and Plant Connect.
A remote attack could exploit this vulnerability by sending a crafted command the vulnerable server. Successful exploitation of this vulnerability could allow a remote attacker to bypass authentication and extract credentials from the device.
Affected Products
Power Generation Information Manager (PGIM) - all versions
Plant Connect - all versions
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
ABB advises users upgrade to Symphony Plus Historian. Symphony Plus Historian is the successor to the PGIM and Plant Connect products and features improved cybersecurity.
https://search.abb.com/library/Download.aspx?DocumentID=8VZZ002158T0001&LanguageCode=en&DocumentPartId=&Action=Launch
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |