CISA 2026-04-30

ABB PCM600

CVE-2018-1002208

Machine-generated analysis · WAYSCloud LLM

ABB PCM600 versions 1.5 through 2.13 contain a path traversal vulnerability in SharpZip.dll that allows arbitrary code execution via crafted messages. The fix in version 2.14 is incompatible with RE_630 protection relays, requiring separate mitigation.

Context

ABB PCM600 is a Protection and Control IED manager used in critical manufacturing sectors worldwide. The advisory states that a path traversal vulnerability in SharpZip.dll allows execution of arbitrary code when specially crafted messages are processed. The vendor notes that the patched version 2.14 cannot be used with RE_630 protection relays, leaving systems with these relays vulnerable unless mitigated through system-level defenses.

Operator considerations

Check: Inventory all PCM600 installations for versions 1.5 to 2.13.
Patch: Upgrade PCM600 to version 2.14 where RE_630 relays are not present.
Isolate: Segment networks containing PCM600 systems with RE_630 relays that cannot be upgraded.

From Cybersecurity and Infrastructure Security Agency ↗

Successful exploitation of this vulnerability could allow an attacker to send specially crafted messages to the system node resulting in execution of arbitrary code.

The following versions of ABB PCM600 are affected:

PCM600 >=1.5|=1.5|

Read the full advisory on CISA →