CISA 2026-05-28

ABB EIBPORT

CVE-2021-22291

Machine-generated analysis · WAYSCloud LLM

The advisory states that affected ABB EIBPORT devices can expose session IDs and allow configuration changes if exploited. A firmware update is available to address the vulnerabilities.

Context

ABB EIBPORT is a product used in critical manufacturing and information technology sectors, according to the advisory. The advisory identifies a cross-site scripting vulnerability (CVE-2021-22291) that could allow an attacker to obtain a session ID and modify device configuration. The affected versions are all below 3.9.2 across multiple model numbers. The vendor, ABB, is headquartered in Switzerland and reports the issue as fixed with a firmware update.

Operator considerations

Check: Inventory ABB EIBPORT devices with model numbers 2CLA963710W1001, 2CSM256242R2001, or 2CLA963720W1001 running firmware below 3.9.2
Patch: Apply the available firmware update from ABB to resolve the vulnerability
Log: Monitor for unexpected web interface access or configuration changes if the device is internet-accessible

From Cybersecurity and Infrastructure Security Agency ↗

ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. A firmware update is available that resolves these privately reported vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited these vulnerabilities could access sensitive information stored inside the device and can change the configuration of the device.

The following versions of ABB EIBPORT are affected:

EIBPORT V3 KNX (2CLA963710W1001)

Read the full advisory on CISA →