ABB CP400 Panel Builder TextEditor 2.0 (ICSA-19-017-02) – Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has released an advisory on an improper input validation vulnerability in ABB CP400 Panel Builder TextEditor 2.0. Versions 2.0.7.05 and prior are affected. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code and cause a denial-of-service condition within the Text Editor application. ABB recommends users of affected Versions 2.0.7.05 and prior update to the latest Version 2.1.7.21. The NCCIC also advises on a series of mitigating measures for this vulnerability. Read the full advisory at NCCIC/ICS-CERT.