CVE-2019-7225

Summary

CVE	CVE-2019-7225
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2019-06-27 17:15:00 UTC
Updated	2023-05-16 11:15:00 UTC
Description	The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags (MODBUS coils) mapping to the HMI. These credentials are the idal123 password for the IdalMaster account, and the exor password for the exor account. These credentials are used over both HTTP(S) and FTP. There is no option to disable or change these undocumented credentials. An attacker can use these credentials to login to ABB HMI to read/write HMI configuration files and also to reset the device. This affects ABB CP635 HMI, CP600 HMIClient, Panel Builder 600, IDAL FTP server, IDAL HTTP server, and multiple other HMI components.

Risk And Classification

Problem Types: CWE-798

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Abb	Cp620	-	All	All	All
Hardware	Abb	Cp620	-	All	All	All
Hardware	Abb	Cp620-web	-	All	All	All
Hardware	Abb	Cp620-web	-	All	All	All
Operating System	Abb	Cp620-web Firmware	All	All	All	All
Operating System	Abb	Cp620 Firmware	All	All	All	All
Hardware	Abb	Cp630	-	All	All	All
Hardware	Abb	Cp630	-	All	All	All
Hardware	Abb	Cp630-web	-	All	All	All
Hardware	Abb	Cp630-web	-	All	All	All
Operating System	Abb	Cp630-web Firmware	All	All	All	All
Operating System	Abb	Cp630 Firmware	All	All	All	All
Hardware	Abb	Cp635	-	All	All	All
Hardware	Abb	Cp635	-	All	All	All
Hardware	Abb	Cp635-b	-	All	All	All
Hardware	Abb	Cp635-b	-	All	All	All
Operating System	Abb	Cp635-b Firmware	All	All	All	All
Hardware	Abb	Cp635-web	-	All	All	All
Hardware	Abb	Cp635-web	-	All	All	All
Operating System	Abb	Cp635-web Firmware	All	All	All	All
Operating System	Abb	Cp635 Firmware	All	All	All	All
Hardware	Abb	Cp651	-	All	All	All
Hardware	Abb	Cp651	-	All	All	All
Hardware	Abb	Cp651-web	-	All	All	All
Hardware	Abb	Cp651-web	-	All	All	All
Operating System	Abb	Cp651-web Firmware	All	All	All	All
Operating System	Abb	Cp651 Firmware	All	All	All	All
Hardware	Abb	Cp661	-	All	All	All
Hardware	Abb	Cp661	-	All	All	All
Hardware	Abb	Cp661-web	-	All	All	All
Hardware	Abb	Cp661-web	-	All	All	All
Operating System	Abb	Cp661-web Firmware	All	All	All	All
Operating System	Abb	Cp661 Firmware	All	All	All	All
Hardware	Abb	Cp665	-	All	All	All
Hardware	Abb	Cp665	-	All	All	All
Hardware	Abb	Cp665-web	-	All	All	All
Hardware	Abb	Cp665-web	-	All	All	All
Operating System	Abb	Cp665-web Firmware	All	All	All	All
Operating System	Abb	Cp665 Firmware	All	All	All	All
Hardware	Abb	Cp676	-	All	All	All
Hardware	Abb	Cp676	-	All	All	All
Hardware	Abb	Cp676-web	-	All	All	All
Hardware	Abb	Cp676-web	-	All	All	All
Operating System	Abb	Cp676-web Firmware	All	All	All	All
Operating System	Abb	Cp676 Firmware	All	All	All	All
Hardware	Abb	Pb610	-	All	All	All
Hardware	Abb	Pb610	-	All	All	All
Operating System	Abb	Pb610 Firmware	All	All	All	All

References

Reference	Source	Link	Tags
404 Not Found	MISC	www.darkmatter.ae	Exploit, Patch, Third Party Advisory
ABB HMI Hardcoded Credentials ≈ Packet Storm	MISC	packetstormsecurity.com	Third Party Advisory, VDB Entry
Multiple ABB Products CVE-2019-7225 Hardcoded Credentials Vulnerability	BID	www.securityfocus.com	Third Party Advisory, VDB Entry
Full Disclosure: XL-19-009 - ABB HMI Hardcoded Credentials Vulnerability	FULLDISC	seclists.org	Mailing List, Third Party Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

591299 ABB CP620, CP630, CP635 Hardcoded Credentials Multiple Vulnerabilities (3ADR010376)