ABB Robot Communications Runtime Buffer Overflow
Act NowICS-CERT ICSA-12-059-01Dec 1, 2012
ABB
Summary
A buffer overflow vulnerability exists in ABB Robot Communications Runtime and related products (IRC5 OPC Server, PC SDK, RobotStudio, WebWare Server, WebWare SDK, PickMaster 3/5, Interlink Module, and RobView). The vulnerability is in the communications runtime components used for robot control and integration. An attacker could trigger the buffer overflow by sending specially crafted data to the affected communications interfaces, potentially leading to denial of service or code execution on systems running these products.
What this means
What could happen
An attacker could cause the robot control software to crash, disrupting automated manufacturing or material handling operations, or potentially execute code on the engineering workstation controlling the robot. If the runtime is compromised, the attacker could alter robot commands or disable safety-critical functions.
Who's at risk
Manufacturing facilities and integrators using ABB IRC5 robot control systems should care. This includes anyone running RobotStudio on engineering workstations, robot controllers with Communications Runtime, or systems using the PC SDK, OPC Server, or WebWare interfaces for robot monitoring and control. Pick-and-place operations and automated manufacturing using ABB robots are directly affected.
How it could be exploited
An attacker with network access to a port exposing the Robot Communications Runtime (typically on engineering workstations or robot controllers connected to the network) sends a malicious packet with an oversized buffer. The communications runtime fails to validate input length, the buffer overflows, and depending on network segmentation, could corrupt memory on the target device or execute arbitrary code.
Prerequisites
- Network access to the port(s) listening for robot communications protocol (typically TCP/IP on engineering workstations or robot controller interfaces)
- Target must be running one of the affected product versions
remotely exploitableno patch availableaffects robot control systemshigh EPSS score (21%)
Exploitability
Likely to be exploited — EPSS score 21.0%
Affected products (10)
10 EOL
ProductAffected VersionsFix Status
Interlink Module: >=4.6|<=4.9≥ 4.6|≤ 4.9No fix (EOL)
IRC5 OPC Server: <=5.14.01≤ 5.14.01No fix (EOL)
PC SDK: <=5.14.01≤ 5.14.01No fix (EOL)
PickMaster 3: <=3.3≤ 3.3No fix (EOL)
PickMaster 5: <=5.13≤ 5.13No fix (EOL)
Robot Communications Runtime: <=5.14.01≤ 5.14.01No fix (EOL)
RobotStudio supporting IRC5: <=5.14.01≤ 5.14.01No fix (EOL)
RobView: 55No fix (EOL)
Remediation & Mitigation
0/5
Do now
0/3HARDENINGImplement network segmentation to restrict access to robot communications interfaces; isolate the robot controller and engineering workstations from untrusted networks
HARDENINGMonitor network traffic to and from robot communications ports for anomalous packet sizes or malformed requests
WORKAROUNDDisable remote access to robot communications interfaces if not operationally required
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HARDENINGRestrict engineering workstation network access to only authorized subnets and devices
Mitigations - no patch available
0/1The following products have reached End of Life with no planned fix: Interlink Module: >=4.6|<=4.9, IRC5 OPC Server: <=5.14.01, PC SDK: <=5.14.01, PickMaster 3: <=3.3, PickMaster 5: <=5.13, Robot Communications Runtime: <=5.14.01, RobotStudio supporting IRC5: <=5.14.01, RobView: 5, WebWare SDK: >=4.6|<=4.9, WebWare Server: >=4.6|<=4.91. Apply the following compensating controls:
HARDENINGMonitor vendor advisories for security updates or patches when they become available
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/78fb3214-76c9-4f4b-a7a9-ef7c05d64b26Get OT security insights every Tuesday
Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.