CVE-2022-1596

ABB Relion REX640 Insufficient file access control

CVSS 6.5 MEDIUMEPSS 0.6%CWE-732

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.5EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

21 Jun 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected products

ABB · REX640 PCL1 ABB · REX640 PCL2 ABB · REX640 PCL3

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421