PCM600 SharpZip library vulnerability
Monitor | CVSS 4.4 | 2NGA002813 | Nov 3, 2025
Attack Vector: Local
Auth Required: Low
Complexity: High
User Interaction: Required
Summary
PCM600 contains a path traversal vulnerability in the SharpZip library (CWE-22) that allows an attacker with local access and user interaction to insert and run arbitrary code within the application. The vulnerability affects PCM600 versions 1.5 through 2.13. A patch is available in version 2.14, but compatibility issues with RE_630 protection relays require mitigation planning for those environments.
What this means
What could happen
An attacker with local access and user interaction on the PCM600 system could execute arbitrary code, potentially compromising the integrity of protection and control logic for electrical distribution equipment.
Who's at risk
Electrical utilities and industrial facilities using ABB Protection and Control IED manager PCM600 (versions 1.5 through 2.13) for configuration and management of protection relays and electrical distribution equipment should prioritize assessment and patching, especially those using RE_630 relays where patch compatibility issues exist.
How it could be exploited
An attacker with local access to the PCM600 workstation could craft a malicious file that exploits the SharpZip library path traversal vulnerability. If a user with sufficient privileges opens or processes the malicious file through PCM600, the attacker gains code execution within the application context.
Prerequisites
- Local access to the PCM600 workstation or system
- User interaction required (user must open or process a malicious file)
- User permissions/role sufficient to interact with vulnerable functionality
- PCM600 version 1.5 through 2.13 installed

- Path traversal via SharpZip library (CWE-22)
- Local access required but user interaction is the primary barrier
- Medium CVSS score (4.4) reflects local-only attack vector
- Potential to compromise electrical protection logic if code execution achieved
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (1)
Product: Protection and Control IED manager PCM600
Affected Versions: ≥ 1.5 | ≤ 2.13
Fix Status: 2.14
Remediation & Mitigation
Do now
HARDENING: If RE_630 protection relays are in use, defer PCM600 upgrade and implement network-level access controls to restrict PCM600 workstation access to authorized engineering staff only
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Upgrade PCM600 to version 2.14 or later
Long-term hardening
HARDENING: Implement application whitelisting or file integrity monitoring on PCM600 workstations to detect unauthorized code execution
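
A screening check for the CWE-22 path traversal described above, as an added example that is not ABB's or the SharpZip library's code: it lists a ZIP archive's entries and reports any whose name would resolve outside the extraction directory, without extracting anything. It assumes the file handed to PCM600 is a ZIP-format container and that the workstation uses Windows path rules; `entries_escaping_root`, `constructed_sample` and the `C:\pcm600_import` directory are hypothetical names.

```python
import io
import ntpath  # Windows path rules on any host (assumption: PCM600 runs on Windows)
import zipfile


def entries_escaping_root(archive, dest_root=r"C:\pcm600_import"):
    """Return names of ZIP entries that would be written outside dest_root.

    dest_root is a hypothetical extraction directory used only for path
    arithmetic; nothing is extracted or written to disk.
    """
    root = ntpath.normcase(ntpath.normpath(dest_root))
    flagged = []
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():
            # join() discards root for absolute or drive-qualified names and
            # normpath() collapses "..", so one prefix test covers every case.
            target = ntpath.normcase(
                ntpath.normpath(ntpath.join(root, info.filename)))
            if target != root and not target.startswith(root + "\\"):
                flagged.append(info.filename)
    return flagged


def constructed_sample():
    """Build a small in-memory archive (constructed test data, harmless contents)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Project/relay_config.xml", "<cfg/>")
        # Contains ".." but still resolves inside the root: must not be flagged.
        zf.writestr("Project/../Project/notes.txt", "stays inside root")
        zf.writestr("../../outside_root.txt", "placeholder")
        zf.writestr("..\\sibling\\file.bin", "placeholder")
        zf.writestr("C:/absolute.txt", "placeholder")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for name in entries_escaping_root(constructed_sample()):
        print("REJECT:", name)
```

Paths are resolved before they are judged, so an entry that merely contains `..` but stays inside the root is accepted, while backslash-separated and drive-qualified names are rejected.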
CVEs (1)