System 800xA 5.1.x, 6.0.3.x, 6.1.1.x, 6.2.x - VideONet Camera passwords stored in clear text

Monitor | CVSS 7.3 | 7paa012159 | Feb 10, 2025
ABB
Attack path
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

ABB System 800xA versions 5.1.x, 6.0.3.x, 6.1.1.x, and 6.2.x contain a vulnerability where VideONet camera product passwords are stored in plaintext in configuration files. An attacker with local file system access could extract these credentials and gain unauthorized access to camera systems, potentially manipulating or stopping video feeds. No update will be released for this vulnerability; ABB intends to offer customers migration to the new Camera Connect product when available. Control operations and other System 800xA functions are not affected.

What this means
What could happen
An attacker with local access to the System 800xA workstation could extract VideONet camera credentials stored in plaintext, potentially allowing unauthorized access to camera systems and manipulation or interruption of video feeds used for plant monitoring and security.
Who's at risk
Organizations running ABB System 800xA (versions 5.1.x, 6.0.3.x, 6.1.1.x, or 6.2.x) with integrated VideONet camera systems should be concerned. This affects control room operators and engineering staff who use these workstations for plant monitoring and surveillance. The risk is primarily to camera system security and plant visibility, not to core control operations.
How it could be exploited
An attacker with local access to a System 800xA workstation (or with file system access through a compromised account) can read the plaintext camera passwords from the VideONet configuration files. These credentials can then be used to access the camera system directly to alter, disable, or intercept video feeds.
Prerequisites
  • Local access to the System 800xA workstation file system
  • User account with permissions to read VideONet configuration files
  • Knowledge of where VideONet stores its configuration data
  • Local access required for exploitation
  • Low complexity exploit
  • Plaintext credential storage
  • No vendor patch planned
  • End-of-life product with no fix available
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (4)
1 pending, 3 EOL

| Product | Affected Versions | Fix Status |
|---|---|---|
| System 800xA 5.1.x | 5.1.* | No fix (EOL) |
| System 800xA 6.1.1.x | 6.1.1.* | No fix (EOL) |
| System 800xA 6.0.3.x | 6.0.3.* | No fix yet |
| System 800xA 6.2.x | 6.2.* | No fix (EOL) |
Remediation & Mitigation
Do now
HARDENING: Restrict physical and logical access to System 800xA workstations to authorized engineering and operator personnel only
HARDENING: Implement local access controls and file permissions to limit which users can read VideONet configuration directories
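
One way to verify the file-permission hardening item above, as an added example that is not from ABB or this advisory: a PowerShell audit that lists every allow ACE granting read access to broad built-in groups under a configuration directory. The advisory does not say where VideONet stores its files, so `$ConfigPath` is a placeholder the operator must supply; the script name and the list of groups treated as "broad" are assumptions, and PowerShell 3.0 or later is assumed.

```powershell
# Audit-VideONetAcl.ps1 (hypothetical name): added example, not vendor code.
# $ConfigPath is a placeholder: the advisory does not give the VideONet config location.
param(
    [Parameter(Mandatory = $true)]
    [string]$ConfigPath
)

# Broad built-in groups (well-known SIDs) that should not read stored credentials.
# Which groups count as too broad is a site decision; this list is an assumption.
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

# Bits that permit reading file contents: ReadData, plus the unmapped
# GENERIC_ALL (0x10000000) and GENERIC_READ (0x80000000) seen on inherit-only ACEs.
$readMask = [int][System.Security.AccessControl.FileSystemRights]::ReadData `
            -bor 0x10000000 -bor 0x80000000

# The directory itself plus everything beneath it, including hidden files.
$items = @(Get-Item -LiteralPath $ConfigPath) +
         @(Get-ChildItem -LiteralPath $ConfigPath -Recurse -Force -ErrorAction SilentlyContinue)

$sidType  = [System.Security.Principal.SecurityIdentifier]
$findings = foreach ($item in $items) {
    $acl = Get-Acl -LiteralPath $item.FullName
    # Explicit and inherited rules, resolved to SIDs so localized group names do not matter.
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if (([int]$ace.FileSystemRights -band $readMask) -eq 0) { continue }
        $sid = $ace.IdentityReference.Value
        if ($broadSids.ContainsKey($sid)) {
            New-Object psobject -Property @{
                Path      = $item.FullName
                Principal = $broadSids[$sid]
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

if ($findings) {
    $findings | Sort-Object Path, Principal | Format-Table Path, Principal, Rights, Inherited -AutoSize
    Write-Warning "$(@($findings).Count) ACE(s) grant read access to broad groups under $ConfigPath."
} else {
    Write-Output "No broad-group read ACEs found under $ConfigPath."
}
```

Findings marked `Inherited = True` have to be fixed on the parent directory or by breaking inheritance on the configuration directory, not on the individual file.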
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

WORKAROUND: If VideONet is not actively used, consider disabling the VideONet product in System 800xA until migration is possible
Long-term hardening
WORKAROUND: Plan migration from VideONet to Camera Connect product as soon as it becomes available from ABB