ABB eSOMS (ICSA-20-072-01) – Product Used in the Energy Sector

CISA has published an advisory on numerous vulnerabilities in ABB eSOMS. Versions 6.02 and prior are affected. In the most severe case, an attacker who successfully exploited these vulnerabilities could take over a user’s browser session, discover session-based information, or affect the confidentiality of sensitive information within the application. ABB recommends users update their version of eSOMS to 6.0.3 or 6.1. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.