ABB.Flow.Computer.TotalFlow.Path.Traversal

description-logoDescription

This indicates an attack attempt to exploit a Path Traversal vulnerability in ABB Flow Computer and Remote Controller products.
The vulnerability is due to improper restriction of a pathname. A remote attacker may be able to exploit this to execute arbitrary commands within the context of the vulnerable system.

description-logoOutbreak Alert

Asea Brown Boveri (ABB), a Swiss industrial automation firm which develops flow computers, a special-purpose electronic instrument used by oil and gas manufacturers to interpret data and calculate oil and gas flow rates and volume are affected by a vulnerability that could allow hackers to cause disruptions and prevent utilities from billing their customers.

View the full Outbreak Alert Report

In the year 2022, FortiGuard IPS and FortiGuard AV/Sandbox blocked three trillion and six trillion hits respectively from vulnerabilities, malware and 0-day attacks. Those encompassed several thousand varieties of Remote Code Execution, Cross-Site Scripting, Elevation of Privilege, Denial of Service, Trojans, Exploits. FortiGuard Labs alerted customers with numerous critical threats throughout the year based on factors such as proof-of-concept, attack vectors, impact, ease of attack, dependencies, and more. This annual report covers:>

View the full Outbreak Alert Report

affected-products-logoAffected Products

RMC-100 (Standard)
RMC-100-LITE
XIO
XFC G5
XRC G5
uFLO G5
UDC

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary script code within the context of the affected system.

recomended-action-logoRecommended Actions

Apply the latest update from the vendor.
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A0927

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)