Critical Privilege Escalation Vulnerability Patched in ABB Industrial Control Systems

CVECVE-2023-0635
CVSScvssV3_1: 7.8
SourceCVE-2023-0635

ABB Ltd., a multinational corporation headquartered in Switzerland, develops and sells industrial automation products and industrial robots. According to a new security advisory, several of ABB’s industrial control system products were found to have an improper privilege management vulnerability that could allow unauthorized privilege escalation.

The vulnerability affects ABB’s ASPECT®-Enterprise, NEXUS Series, and MATRIX Series industrial control systems running on Linux. By exploiting this issue, an attacker with network access could potentially gain elevated privileges, allowing them to perform unauthorized actions or install malware.

Common attack vectors for privilege escalation vulnerabilities include exploiting unauthenticated or weakly authenticated APIs, command injection flaws, and configuration errors that provide unintended access. In industrial environments, privilege escalation attacks could disrupt automation processes or impact safety systems.

ABB has released updates to address this issue for versions 3.07.01 and above of the affected products. System owners are strongly recommended to apply the latest patches as soon as possible to prevent potential exploitation. General best practices like restricting network access, keeping systems up-to-date, and monitoring for anomalies can also help mitigate risks from vulnerabilities like this.

References