You are here

ABB Asset Suite (ICSA-20-072-02) – Product Used in the Energy Sector

ABB Asset Suite (ICSA-20-072-02) – Product Used in the Energy Sector

Created: Thursday, March 12, 2020 - 13:53
Categories:
Cybersecurity

CISA has published an advisory on an authorization bypass through user-controlled key vulnerability in ABB Asset Suite. Versions 9.6 and prior, excluding 9.4.2.6 and 9.5.3.2, are affected. Successful exploitation of this vulnerability could allow an attacker access to unauthorized information in the application by direct resource access. ABB recommends users apply updates as soon as they are able. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.