ABB EIBPORT
Summary
ABB is aware of multiple vulnerabilities in its EIBPORT product versions. A firmware update is available to resolve these issues, which could allow an attacker to access sensitive information and change device configurations.
IFF Assessment
The vulnerabilities allow unauthorized access to sensitive information and configuration changes, posing a direct risk to defenders.
Severity
The CVSS score of 8.0 indicates a high severity. The vulnerability (CWE-79 Cross-site Scripting) allows attackers to potentially gain access to sensitive information and alter device configurations.
Defender Context
This alert highlights critical vulnerabilities in ABB EIBPORT devices used in critical infrastructure. Defenders should prioritize patching affected systems to prevent potential data exfiltration and unauthorized configuration changes. Organizations using ABB EIBPORT should consult the CISA alert for specific affected versions and remediation guidance.