CVE-2017-9664

Name of the Vulnerable Software and Affected Versions ABB SREA-01 versions up to 3.31.5 ABB SREA-50 version up to 3.32.8

Description The issue allows an attacker to access internal files of ABB SREA-01 and SREA-50 legacy remote monitoring tools without authorization over the network. This is achieved by using a HTTP request that refers to files using ../../ relative paths. Once the internal password file is retrieved, the password hash can be identified using a brute force attack. Additionally, there is a possibility of running commands after authorization.

Recommendations For ABB SREA-01 versions up to 3.31.5, restrict access to the HTTP request endpoint to minimize the risk of exploitation. For ABB SREA-50 version up to 3.32.8, consider disabling the ability to access internal files using relative paths until a patch is available. As a temporary workaround, limit network access to the affected tools to prevent unauthorized file access.