ABB PB610 Panel Builder 600

Plan PatchCVSS 8.8ICS-CERT ICSA-19-178-01Jun 27, 2019

ABB

Attack path

Attack VectorAdjacent

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

The PB610 Panel Builder 600 contains multiple vulnerabilities including hardcoded credentials (CWE-798), authentication bypass (CWE-287), path traversal (CWE-23), improper input validation (CWE-20), and buffer overflow (CWE-121). An attacker with network access to an affected control panel could bypass security controls, execute arbitrary code, stop operations, or prevent legitimate access. Affected versions are 1.91 through 2.8.0.367. The vulnerabilities are fixed in version 2.8.0.424 and updated board support packages UN30 and UN31 v2.31.

What this means

What could happen

An attacker with network access to the PB610 panel could execute arbitrary code or stop operations on the control panel, potentially disrupting process control or altering critical setpoints. If the panel is offline, an attacker would need physical access.

Who's at risk

Water utilities and electric utilities using ABB PB610 Panel Builder 600 HMI (human-machine interface) panels for process control should prioritize this. The impact affects any organization relying on CP600 control panels with PB610 applications for SCADA, pump control, valve operation, or other critical automation tasks.

How it could be exploited

An attacker on the same network as the PB610 panel can send malicious requests to the panel's remote interface. The vulnerability chain involves hardcoded credentials, path traversal, improper input validation, and buffer overflow conditions. If exploited, the attacker gains code execution on the panel itself.

Prerequisites

Network access to the PB610 panel (if networked); otherwise physical access to the device
No authentication required for exploitation
Panel must be running PB610 firmware version 1.91 through 2.8.0.367

Remotely exploitable (if networked)No authentication requiredLow complexity attackMultiple vulnerability types (hardcoded credentials, path traversal, buffer overflow)Affects process control operationsPatch available but requires maintenance window

Exploitability

Some exploitation risk — EPSS score 7.4%

Affected products (1)

ProductAffected VersionsFix Status

PB610 Panel Builder 600 order code: 1SAP500900R01011SAP500900R0101 | 1.91 ≤ 2.8.0.3672.8.0.424

Remediation & Mitigation

0/8

Do now

0/2

WORKAROUNDRestrict network access to the PB610 panel to only trusted devices and networks using firewall rules

HARDENINGEnsure 'Force Remote Login' option is enabled in security settings (default setting) and configure unique user credentials for remote clients instead of default passwords

Schedule — requires maintenance window

0/3

Patching may require device reboot — plan for process interruption

HOTFIXUpdate PB610 Panel Builder 600 to version 2.8.0.424 or later

HOTFIXUpdate board support package (BSP) UN31 to version 2.31 or later

HOTFIXUpdate board support package (BSP) UN30 to version 2.31 or later

Long-term hardening

0/3

HARDENINGIsolate the PB610 panel on a separate network segment from general IT networks and the Internet using firewalls and network segmentation

HARDENINGRestrict physical access to the PB610 panel to authorized personnel only

HARDENINGIf remote access is necessary, use a VPN connection to the panel instead of direct network exposure

CVEs (7)

CVE-2019-7225 CVE-2019-7226 CVE-2019-7227 CVE-2019-7228 CVE-2019-7230 CVE-2019-7232 CVE-2019-7231

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/7b3e1268-a1f1-48b6-967f-ab459d8054f9

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.