ABB e-Design
CVSS base score: 7.8
Reference: ICS-CERT ICSA-22-179-01
Published: Jun 28, 2022
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
ABB e-Design versions earlier than 1.12.2.0006 contain privilege escalation and denial-of-service vulnerabilities (CWE-276: Incorrect Default Permissions) that allow a local low-privilege user to escalate to administrator access or cause the application to crash. The vulnerability is not remotely exploitable: the attacker must already have local access to the machine or an active user session on it.
What this means
What could happen
An attacker with local access and low privileges could escalate to administrator access on the e-Design machine, potentially altering engineering designs or disrupting the configuration of ABB equipment. Alternatively, the attacker could cause the application to crash, denying service to operators who rely on it for system configuration.
Who's at risk
Engineering and plant operations staff who use ABB e-Design to configure and manage ABB equipment (such as drives, motors, and process control devices) in manufacturing, water treatment, power distribution, and other industrial environments. Any organization running e-Design versions earlier than 1.12.2.0006 is at risk.
How it could be exploited
An attacker must be logged into the e-Design machine with a low-privilege user account (or already have physical access to an unlocked machine). From there, they can exploit the privilege escalation vulnerability to gain administrator access, allowing them to modify designs, access sensitive configuration data, or crash the application.
Prerequisites
- Local access to the e-Design machine
- Low-privilege user credentials, or the ability to log in as any user
- Machine must not have been patched to version 1.12.2.0006 or later
Tags:
- Local access required
- Low privilege escalation complexity
- Affects engineering workstations
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
Product   | Affected Versions          | Fix Status
e-Design  | All versions < 1.12.2.0006 | Fixed in 1.12.2.0006
Remediation & Mitigation
Do now
WORKAROUND: Do not permit any additional users to log into the e-Design machine until the patch has been applied.
HARDENING: Always lock the e-Design machine when unattended to prevent unauthorized physical access.
Schedule (requires maintenance window)
Patching may require a device reboot; plan for process interruption.
HOTFIX: Update ABB e-Design to version 1.12.2.0006 or later.
CVEs (2)