CVE-2018-17928

EPSS 0.8%CWE-287

The product CMS-770 (Software Versions 1.7.1 and prior)is vulnerable that an attacker can read sensitive configuration files by bypassing the user authentication mechanism.

Affected products

ABB · CMS-770

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://ics-cert.us-cert.gov/advisories/ICSA-18-352-06 http://www.securityfocus.com/bid/106244