CVE-2019-10995

CVE	CVE-2019-10995
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2020-01-14 17:15:00 UTC
Updated	2020-01-24 13:53:00 UTC
Description	ABB CP651 HMI products revision BSP UN30 v1.76 and prior implement hidden administrative accounts that are used during the provisioning phase of the HMI interface.

Problem Types: CWE-798

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Abb	Cp651	-	All	All	All
Hardware	Abb	Cp651	-	All	All	All
Hardware	Abb	Cp651-web	-	All	All	All
Hardware	Abb	Cp651-web	-	All	All	All
Operating System	Abb	Cp651-web Firmware	All	All	All	All
Operating System	Abb	Cp651 Firmware	All	All	All	All
Hardware	Abb	Cp661	-	All	All	All
Hardware	Abb	Cp661	-	All	All	All
Hardware	Abb	Cp661-web	-	All	All	All
Hardware	Abb	Cp661-web	-	All	All	All
Operating System	Abb	Cp661-web Firmware	All	All	All	All
Operating System	Abb	Cp661 Firmware	All	All	All	All
Hardware	Abb	Cp665	-	All	All	All
Hardware	Abb	Cp665	-	All	All	All
Hardware	Abb	Cp665-web	-	All	All	All
Hardware	Abb	Cp665-web	-	All	All	All
Operating System	Abb	Cp665-web Firmware	All	All	All	All
Operating System	Abb	Cp665 Firmware	All	All	All	All
Hardware	Abb	Cp676	-	All	All	All
Hardware	Abb	Cp676	-	All	All	All
Hardware	Abb	Cp676-web	-	All	All	All
Hardware	Abb	Cp676-web	-	All	All	All
Operating System	Abb	Cp676-web Firmware	All	All	All	All
Operating System	Abb	Cp676 Firmware	All	All	All	All

Reference	Source	Link	Tags
ABB CP651 HMI \| CISA	MISC	www.us-cert.gov	Third Party Advisory, US Government Resource
Multiple ABB Products CVE-2019-10995 Hardcoded Credentials Vulnerability	BID	www.securityfocus.com	Third Party Advisory, VDB Entry
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

590520 ABB CP651 HMI Use of Hard-coded Credentials Vulnerability (ICSA-19-178-02)