virus logo Intrusion Prevention

ABB.PGIM.and.Plant.Connect.Authentication.Bypass

description-logoDescription

This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in ABB PGIM and Plant Connect.
A remote attack could exploit this vulnerability by sending a crafted command the vulnerable server. Successful exploitation of this vulnerability could allow a remote attacker to bypass authentication and extract credentials from the device.

affected-products-logoAffected Products

Power Generation Information Manager (PGIM) - all versions
Plant Connect - all versions

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

ABB advises users upgrade to Symphony Plus Historian. Symphony Plus Historian is the successor to the PGIM and Plant Connect products and features improved cybersecurity.
https://search.abb.com/library/Download.aspx?DocumentID=8VZZ002158T0001&LanguageCode=en&DocumentPartId=&Action=Launch

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-12-06 15.740 Default_action:pass:drop
2019-11-28 15.735

References

ICSA-19-318-05
ID 48543
Created Nov 28, 2019
Updated Apr 17, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2019-18250
Exploit Prediction Score 0.43%
Default Action drop
Active
Affected OS Windows
Affected App SCADA