CVE-2020-10287 – RVD#3326: Hardcoded default credentials on IRC 5 OPC Server
https://notcve.org/view.php?id=CVE-2020-10287
The IRC5 family with UAS service enabled comes by default with credentials that can be found on publicly available manuals. ABB considers this a well documented functionality that helps customer set up however, out of our research, we found multiple production systems running these exact default credentials and consider thereby this an exposure that should be mitigated. Moreover, future deployments should consider that these defaults should be forbidden (user should be forced to change them). La familia IRC5 con servicio UAS habilitado viene por defecto con credenciales que se pueden encontrar en los manuales disponibles públicamente. ABB considera que esta es una funcionalidad bien documentada que ayuda al cliente a configurar, sin embargo, a partir de nuestra investigación, encontramos múltiples sistemas de producción que ejecutan estas credenciales predeterminadas exactas y consideramos que es una exposición que debe ser mitigada. • https://github.com/aliasrobotics/RVD/issues/3326 • CWE-255: Credentials Management Errors CWE-522: Insufficiently Protected Credentials •
CVE-2020-10288 – RVD#3327: No authentication required for accesing ABB IRC5 FTP server
https://notcve.org/view.php?id=CVE-2020-10288
IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of username and password, however you can input whatever you like. As long as the field isn't empty it will be accepted. IRC5 expone un servidor ftp (puerto 21). Al intentar conseguir acceso, se le solicita una petición de nombre de usuario y contraseña, sin embargo, puede ingresar lo que desee. • https://github.com/aliasrobotics/RVD/issues/3327 • CWE-284: Improper Access Control CWE-287: Improper Authentication •
CVE-2012-0245
https://notcve.org/view.php?id=CVE-2012-0245
Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Robot Communications Runtime before 5.14.02, as used in ABB Interlink Module, IRC5 OPC Server, PC SDK, PickMaster 3 and 5, RobView 5, RobotStudio, WebWare SDK, and WebWare Server, allow remote attackers to execute arbitrary code via a crafted (1) 0xA or (2) 0xE Netscan packet. Múltiples vulnerabilidades de desbordamiento de búfer basados ??en pila en RobNetScanHost.exe en ABB Robot Comunications Runtime antes de v5.14.02, tal y como se utiliza en el módulo ABB Interlink, IRC5 OPC Server, PC SDK, PickMaster v3 y v5, RobView v5, RobotStudio, WebWare SDK, y WebWare Server, permiten a atacantes remotos ejecutar código de su elección a través de un paquete Netscan (1) 0xA o (2) 0xE específicamente modificado para este fin. • http://archives.neohapsis.com/archives/bugtraq/2012-02/0125.html http://secunia.com/advisories/48090 http://www.securityfocus.com/bid/52123 http://www.us-cert.gov/control_systems/pdf/ICSA-12-059-01.pdf http://www.zerodayinitiative.com/advisories/ZDI-12-033 http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/f261be074480dc24c12579a00049ecd5/%24file/si10227a1%20vulnerability%20security%20advisory.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •