CVE-2019-7230
ABB IDAL FTP Server Uncontrolled Format String
- Severity Score: (not given)
- Exploit Likelihood: (not given)
- Affected Versions: (not given)
- Public Exploits: 2
- Exploited in Wild: -
- Decision: -
Descriptions
The ABB IDAL FTP server mishandles format strings in a username during the authentication process. Attempting to authenticate with the username %s%p%x%d will crash the server. Sending %08x.AAAA.%08x.%08x will log memory content from the stack.
The IDAL FTP server is vulnerable to memory corruption through insecure use of user-supplied format strings. An attacker can abuse this behaviour to bypass authentication or execute code on the server.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2019-01-30 CVE Reserved
- 2019-06-21 CVE Published
- 2024-07-22 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-134: Use of Externally-Controlled Format String
CAPEC
References (5)
URL | Tag | Source
---|---|---
http://www.securityfocus.com/bid/108886 | Third Party Advisory |
https://www.darkmatter.ae/xen1thlabs/published-advisories | Third Party Advisory |

URL | Date | Source
---|---|---
http://packetstormsecurity.com/files/153386/ABB-IDAL-FTP-Server-Uncontrolled-Format-String.html | 2024-08-04 |
http://seclists.org/fulldisclosure/2019/Jun/33 | 2024-08-04 |

URL | Date | Source
---|---|---
https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377&LanguageCode=en&DocumentPartId=&Action=Launch | 2022-11-30 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Abb | Pb610 Panel Builder 600 Firmware | >= 1.91 <= 2.8.0.367 | - | Affected
in: Abb | Pb610 Panel Builder 600 | - | - | Safe