ABB AWIN Gateways
Summary
CISA has issued an alert regarding multiple vulnerabilities in ABB AWIN Gateways, specifically firmware versions affecting ABB AWIN GW100 rev.2 and ABB AWIN GW120. Successful exploitation could allow attackers to remotely reboot devices or gain unauthenticated access to system configuration details.
IFF Assessment
These vulnerabilities enable attackers to remotely control critical infrastructure devices and extract sensitive information, posing a significant threat to operational security.
Severity
The CVSS score of 8.3 indicates a high severity, reflecting the potential for remote exploitation and significant impact, including unauthorized access to critical system information and remote device reboots.
Defender Context
Defenders should prioritize patching or implementing mitigations for ABB AWIN Gateways to protect against these critical vulnerabilities. The identified flaws highlight the ongoing risks associated with legacy industrial control systems and the importance of secure configuration management and regular security audits in critical infrastructure environments.