ABB.Flow.Computer.TotalFlow.Path.Traversal
Description
This indicates an attack attempt to exploit a Path Traversal vulnerability in ABB Flow Computer and Remote Controller products.
The vulnerability is due to improper restriction of a pathname. A remote attacker may be able to exploit this to execute arbitrary commands within the context of the vulnerable system.
Outbreak Alert
Asea Brown Boveri (ABB), a Swiss industrial automation firm which develops flow computers, a special-purpose electronic instrument used by oil and gas manufacturers to interpret data and calculate oil and gas flow rates and volume are affected by a vulnerability that could allow hackers to cause disruptions and prevent utilities from billing their customers.
View the full Outbreak Alert Report
In the year 2022, FortiGuard IPS and FortiGuard AV/Sandbox blocked three trillion and six trillion hits respectively from vulnerabilities, malware and 0-day attacks. Those encompassed several thousand varieties of Remote Code Execution, Cross-Site Scripting, Elevation of Privilege, Denial of Service, Trojans, Exploits. FortiGuard Labs alerted customers with numerous critical threats throughout the year based on factors such as proof-of-concept, attack vectors, impact, ease of attack, dependencies, and more. This annual report covers:>
Affected Products
RMC-100 (Standard)
RMC-100-LITE
XIO
XFC G5
XRC G5
uFLO G5
UDC
Impact
System Compromise: Remote attackers can execute arbitrary script code within the context of the affected system.
Recommended Actions
Apply the latest update from the vendor.
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A0927
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |