cnvd - cnvd-2020-41210

CNVD-2020-41210

Vulnerability from cnvd - Published: 2020-07-21

Title

ABB IRC5信任管理问题漏洞

Description

ABB IRC5是一款机器人控制系统。 ABB IRC5存在信任管理问题漏洞，远程攻击者可利用该漏洞提交特殊的请求，未授权访问系统。

Severity

高

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://global.abb/

Reference

https://github.com/aliasrobotics/RVD/issues/3326

Impacted products

Name
ABB IRC5

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-10287",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-10287"
    }
  },
  "description": "ABB IRC5\u662f\u4e00\u6b3e\u673a\u5668\u4eba\u63a7\u5236\u7cfb\u7edf\u3002\n\nABB IRC5\u5b58\u5728\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e \uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u672a\u6388\u6743\u8bbf\u95ee\u7cfb\u7edf\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://global.abb/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-41210",
  "openTime": "2020-07-21",
  "products": {
    "product": "ABB IRC5"
  },
  "referenceLink": "https://github.com/aliasrobotics/RVD/issues/3326",
  "serverity": "\u9ad8",
  "submitTime": "2020-07-20",
  "title": "ABB IRC5\u4fe1\u4efb\u7ba1\u7406\u95ee\u9898\u6f0f\u6d1e"
}

CVE-2020-10287 (GCVE-0-2020-10287)

Vulnerability from cvelistv5 – Published: 2020-07-15 22:15 – Updated: 2024-09-16 23:46

Summary

The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. ABB considers this a well documented functionality that helps customer set up however, out of our research, we found multiple production systems running these exact default credentials and consider thereby this an exposure that should be mitigated. Moreover, future deployments should consider that these defaults should be forbidden (user should be forced to change them).

Severity ?

9.1 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE

CWE-255

Assigner

Alias

References

URL

Tags

https://github.com/aliasrobotics/RVD/issues/3326

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	ABB	IRB140	Affected: unspecified

Credits

Alfonso Glera, Victor Mayoral Vilches (Alias Robotics)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:58:39.753Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/aliasrobotics/RVD/issues/3326"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "IRB140",
          "vendor": "ABB",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Alfonso Glera, Victor Mayoral Vilches (Alias Robotics)"
        }
      ],
      "datePublic": "2020-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. ABB considers this a well documented functionality that helps customer set up however, out of our research, we found multiple production systems running these exact default credentials and consider thereby this an exposure that should be mitigated. Moreover, future deployments should consider that these defaults should be forbidden (user should be forced to change them)."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-255",
              "description": "CWE-255",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-15T22:15:17",
        "orgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
        "shortName": "Alias"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/aliasrobotics/RVD/issues/3326"
        }
      ],
      "source": {
        "defect": [
          "RVD#3326"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "RVD#3326: Hardcoded default credentials on IRC 5 OPC Server",
      "x_generator": {
        "engine": "Robot Vulnerability Database (RVD)"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@aliasrobotics.com",
          "DATE_PUBLIC": "2020-07-15T22:07:25 +00:00",
          "ID": "CVE-2020-10287",
          "STATE": "PUBLIC",
          "TITLE": "RVD#3326: Hardcoded default credentials on IRC 5 OPC Server"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "IRB140",
                      "version": {
                        "version_data": [
                          {
                            "version_value": ""
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ABB"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Alfonso Glera, Victor Mayoral Vilches (Alias Robotics)"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. ABB considers this a well documented functionality that helps customer set up however, out of our research, we found multiple production systems running these exact default credentials and consider thereby this an exposure that should be mitigated. Moreover, future deployments should consider that these defaults should be forbidden (user should be forced to change them)."
            }
          ]
        },
        "generator": {
          "engine": "Robot Vulnerability Database (RVD)"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "critical",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-255"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/aliasrobotics/RVD/issues/3326",
              "refsource": "CONFIRM",
              "url": "https://github.com/aliasrobotics/RVD/issues/3326"
            }
          ]
        },
        "source": {
          "defect": [
            "RVD#3326"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dc524f69-879d-41dc-ab8f-724e78658a1a",
    "assignerShortName": "Alias",
    "cveId": "CVE-2020-10287",
    "datePublished": "2020-07-15T22:15:17.666079Z",
    "dateReserved": "2020-03-10T00:00:00",
    "dateUpdated": "2024-09-16T23:46:37.980Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-41210

CVE-2020-10287 (GCVE-0-2020-10287)

Tags

Sightings

Nomenclature