CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability
Plan Patch7.13KXG200000R4801Apr 16, 2025
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
A path traversal vulnerability in CoreSense™ HM and CoreSense™ M10 allows unauthenticated users to access restricted directories and read sensitive files. Exploiting this vulnerability requires local or network file system access but no credentials. Successful exploitation could expose configuration files, credentials, or process parameters and lead to further system compromise. ABB has released patched versions: CoreSense™ HM v2.3.4 and CoreSense™ M10 v1.4.1.31.
What this means
What could happen
An attacker could read sensitive files and configuration data from the device without authentication, potentially exposing credentials, process parameters, or system information that could lead to further compromise of the control system or connected networks.
Who's at risk
Organizations operating ABB CoreSense™ HM or CoreSense™ M10 monitoring and control devices, typically found in power generation, distribution automation, and industrial process control environments. Any deployment where these devices are networked or accessible via file sharing is at risk.
How it could be exploited
An unauthenticated attacker with local file system access to the CoreSense device could use path traversal sequences (e.g., "../" strings) in file requests to navigate outside intended directories and read restricted system files. This could be exploited if the device is reachable over a network share or if an attacker has physical access to connected storage.
Prerequisites
- Local or network file system access to the CoreSense device
- No authentication required
- Ability to craft or intercept file path requests
No authentication requiredLow complexity attackSensitive information exposureLocal attack vector reduces immediate risk but increases insider threat concern
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
CoreSense™ HM<=2.3.1≤ 2.3.12.3.4
CoreSense™ M10<=1.4.1.12≤ 1.4.1.121.4.1.31
Remediation & Mitigation
0/4
Do now
0/2HARDENINGRestrict local and network file system access to CoreSense devices to authorized personnel only via firewall rules and access control lists
HARDENINGReview audit logs and system access records to detect any unauthorized file access attempts or successful exploitation
Schedule — requires maintenance window
0/2Patching may require device reboot — plan for process interruption
HOTFIXUpdate CoreSense™ HM to version 2.3.4 or later
HOTFIXUpdate CoreSense™ M10 to version 1.4.1.31 or later
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/701e6046-b689-40ee-8b0a-fae04cbd8ff6