ABB GATE-E2

Act Now9.8ICS-CERT ICSA-18-352-01Dec 18, 2018

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

ABB GATE-E1 and GATE-E2 industrial gateway devices contain authentication bypass vulnerabilities (CWE-306) and potentially cross-site scripting issues (CWE-79) in their telnet and web administrative interfaces. Successful exploitation allows unrestricted administrative access, enabling an attacker to read or modify device registers, alter configuration settings, or disable the device. Both product lines have reached end-of-life; no firmware patches will be released.

What this means

What could happen

An attacker with network access to the GATE-E2 device could gain unrestricted administrative control, allowing them to read or modify device registers, change critical settings, or disable the device entirely, disrupting whatever process it controls.

Who's at risk

Water utilities, electric utilities, and other municipal operators using ABB GATE-E1 or GATE-E2 industrial gateways for control system communications and monitoring. Any facility relying on these devices for remote access or telemetry to PLCs and field equipment is at risk.

How it could be exploited

An attacker sends unauthenticated requests over the network to the device's telnet or web interface. Because the device has missing or weak authentication controls (CWE-306), the attacker gains direct administrative access without credentials. From there they can issue commands to alter device configuration or disable operations.

Prerequisites

Network reachability to the GATE-E2 device on telnet or HTTP/web interface ports
No valid credentials required

Remotely exploitableNo authentication requiredLow complexityNo patch available (end-of-life product)High CVSS score (9.8)

Exploitability

Moderate exploit probability (EPSS 1.3%)

Affected products (2)

2 EOL

ProductAffected VersionsFix Status

GATE-E2 - GATE-E2 (EOL OCT 2018)GATE-E2 (EOL OCT 2018)No fix (EOL)

GATE-E2 - GATE-E1 (EOL 2013), andGATE-E1 (EOL 2013)No fix (EOL)

Remediation & Mitigation

0/4

Do now

0/3

HARDENINGIsolate GATE-E2 devices from the corporate network and the Internet using a firewall and managed switches with minimal exposed ports

HARDENINGPhysically restrict access to GATE-E2 devices to authorized personnel only

WORKAROUNDIf remote access is absolutely required, implement a VPN with current security patches and restrict access to a dedicated management workstation

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HARDENINGScan all portable computers and removable media for malware before connecting to the control system network

CVEs (2)

CVE-2018-18995 CVE-2018-18997

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/b73f0877-547c-4597-afca-44f12a5c9e8c