CVE-2022-1596
Summary
| CVE | CVE-2022-1596 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-06-21 15:15:00 UTC |
| Updated | 2022-06-29 14:27:00 UTC |
| Description | Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node. |
Risk And Classification
Problem Types: CWE-732
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Abb | Rex640 Pcl1 | - | All | All | All |
| Operating System | Abb | Rex640 Pcl1 Firmware | All | All | All | All |
| Hardware | Abb | Rex640 Pcl2 | - | All | All | All |
| Operating System | Abb | Rex640 Pcl2 Firmware | All | All | All | All |
| Hardware | Abb | Rex640 Pcl3 | - | All | All | All |
| Operating System | Abb | Rex640 Pcl3 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| search.abb.com/library/Download.aspx | MISC | search.abb.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: ABB thanks Paul Mader and Gianluca Raberger of VERBUND AG's OT Cyber Security Lab for helping to identify the vulnerabilities and protecting our customers.
Legacy QID Mappings
- 591023 ABB Relion REX640 Insufficient file access control Vulnerability (2NGA001421)