Successful exploitation of this vulnerability could allow an attacker to send a specially crafted message to the system node allowing the attacker to install and run arbitrary code, uninstall applications, and modify the configuration of installed applications.
The following versions of ABB Edgenius Management Portal are affected:
Edgenius Management Portal 3.2.0.0|3.2.1.1
Vendor
Equipment
ABB
ABB Edgenius Management Portal
Authentication Bypass Using an Alternate Path or Channel
Critical Infrastructure Sectors: Critical Manufacturing, Information Technology
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Switzerland
The Edgenius Management Portal in the affected product versions contains a vulnerability that allows authentication to be bypassed. An attacker could exploit the vulnerability by sending a specially crafted message to the system node allowing...