Detections
Analytics
ABB SREA-01 and SREA-50 Ethernet Adapters Path Traversal
critical Nessus Network Monitor Plugin ID 720133
Synopsis
ABB SREA-01 and SREA-50 allow an attacker to access sensitive files via a directory traversal attack.Description
In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, and SREA-50 revision A: application versions up to 3.32.8, an attacker may access internal files of ABB SREA-01 and SREA-50 legacy remote monitoring tools without any authorization over the network using a HTTP request which refers to files using ../../ relative paths. Once the internal password file is retrieved, the password hash can be identified using a brute force attack. There is also an exploit allowing running of commands after authorization.Solution
Perform vendor recommended mitigations and apply available vendor upgrades.See Also
https://ics-cert.us-cert.gov/advisories/ICSA-17-222-05,http://www.securityfocus.com/bid/100260
Plugin Details
Severity: Critical
ID: 720133
Family: SCADA
Published: 5/8/2019
Updated: 9/30/2019
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
Patch Publication Date: 8/10/2017
Vulnerability Publication Date: 8/10/2017
Reference Information
CVE: CVE-2017-9664
BID: 100260