Researchers from Zero Day Vulnerability security LAB has found a vulnerability, in different ABB products.
On the 16thof June 2020, a series of vulnerabilities affecting a TCP/IP library from Treck Inc. were made public by JSOF Tech in Jerusalem, Israel. The products listed in this document have integrated this library and thus are affected by the vulnerabilities listed in this document. Firmware updates will be announced at a later stage and this notification will be updated accordingly.
The products listed above use the vulnerable TCP/IP stacks .An attacker could exploit the vulnerabilities by sending specially crafted messages via the Ethernet Network.
Firmware updates represent an integral part of ABB’s life cycle management of Distribution Automation products. ABB will provide the support by delivering the necessary firmware updates according to ABB’s Product Life Cycle Management policy. Firmware updates will be announced in later stage and this notification will be updated accordingly.