
CVE-2020-10287 – RVD#3326: Hardcoded default credentials on IRC 5 OPC Server
https://notcve.org/view.php?id=CVE-2020-10287
15 Jul 2020 — The IRC5 family with UAS service enabled comes by default with credentials that can be found in publicly available manuals. ABB considers this a well-documented functionality that helps customers set up; however, in our research, we found multiple production systems running these exact default credentials and therefore consider this an exposure that should be mitigated. Moreover, future deployments should consider that these defaults should be forbidden (users should be forced to change them). • https://github.com/aliasrobotics/RVD/issues/3326 • CWE-255: Credentials Management Errors • CWE-522: Insufficiently Protected Credentials

CVE-2020-10288 – RVD#3327: No authentication required for accessing ABB IRC5 FTP server
https://notcve.org/view.php?id=CVE-2020-10288
15 Jul 2020 — IRC5 exposes an FTP server (port 21). Upon attempting to gain access you are challenged with a request for a username and password; however, you can input whatever you like. As long as the field isn't empty it will be accepted. • https://github.com/aliasrobotics/RVD/issues/3327 • CWE-284: Improper Access Control • CWE-287: Improper Authentication

CVE-2012-0245
https://notcve.org/view.php?id=CVE-2012-0245
09 Mar 2012 — Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Robot Communications Runtime before 5.14.02, as used in ABB Interlink Module, IRC5 OPC Server, PC SDK, PickMaster 3 and 5, RobView 5, RobotStudio, WebWare SDK, and WebWare Server, allow remote attackers to execute arbitrary code via a crafted (1) 0xA or (2) 0xE Netscan packet. • http://archives.neohapsis.com/archives/bugtraq/2012-02/0125.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer