OTPulse

Automation Runtime and mapp View Use of insecure algorithm for self-signed certificates

Plan PatchCVSS 7.5sa25p001Jan 15, 2025
Attack path
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

An attacker can masquerade as services on affected devices due to use of insecure algorithms for self-signed certificates. The vulnerability allows an attacker to generate certificates that appear legitimate, potentially enabling man-in-the-middle attacks or service impersonation on systems running the affected software.

What this means
What could happen
An attacker could impersonate critical automation services on your ABB systems, potentially redirecting or intercepting communications between controllers and field devices, or forcing devices to trust malicious certificates.
Who's at risk
Water utilities and electric utilities operating ABB Automation Runtime or mapp View software should prioritize this update if these products are used to generate self-signed certificates on production machines. This is particularly important for facilities that rely on certificate-based authentication between automation controllers, HMIs, and field devices.
How it could be exploited
An attacker with network access to the affected Automation Runtime or mapp View instance could generate or manipulate self-signed certificates using weak cryptographic algorithms. The attacker would then present these certificates to other systems on the network, which would accept them as legitimate due to the weak cryptography, allowing the attacker to impersonate a trusted service.
Prerequisites
  • Network access to the ABB Automation Runtime or mapp View service on port 443 or relevant TLS/SSL port
  • Knowledge that the target system uses self-signed certificates generated by the affected software
remotely exploitableno authentication requiredlow complexityaffects service authentication and trustcertificate impersonation possible
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
Automation Runtime < 6.1<6.16.1
mapp View < 6.1<6.16.1
Remediation & Mitigation
0/4
Do now
0/1
WORKAROUNDIf updating is not immediately possible, restrict network access to Automation Runtime and mapp View services to trusted engineering workstations and control systems only via firewall rules
Schedule — requires maintenance window
0/3

Patching may require device reboot — plan for process interruption

HOTFIXUpdate B&R Automation Runtime to version 6.1 or later
HOTFIXUpdate B&R mapp View to version 6.1 or later
HARDENINGRegenerate all self-signed certificates after patching to ensure they use secure cryptographic algorithms
View full ABB PSIRT advisory
API: /api/v1/advisories/f6485d4e-6481-40e4-936f-b9d15006dbe6

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.

Automation Runtime and mapp View Use of insecure algorithm for self-signed certificates | CVSS 7.5 - OTPulse