Details of VAR-201807-0341

ID

VAR-201807-0341

CVE

CVE-2018-10616

TITLE

ABB Panel Builder 800 Input validation vulnerability

Trust: 2.2

sources: IVD: e2f971a1-39ab-11e9-bb19-000c29342cb1 // CNVD: CNVD-2018-18146 // CNNVD: CNNVD-201807-1323 // JVNDB: JVNDB-2018-007879

DESCRIPTION

ABB Panel Builder 800 all versions has an improper input validation vulnerability which may allow an attacker to insert and run arbitrary code on a computer where the affected product is used. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the UserSettings parameter of the ABB SIMATIC_TI500 OPC Driver. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to execute code under the context of an administrator. ABB Panel Builder 800 is a web-based HMI (Human Machine Interface) system from ABB, Switzerland

Trust: 11.16

sources: NVD: CVE-2018-10616 // JVNDB: JVNDB-2018-007879 // ZDI: ZDI-18-897 // ZDI: ZDI-18-893 // ZDI: ZDI-18-887 // ZDI: ZDI-18-907 // ZDI: ZDI-18-901 // ZDI: ZDI-18-895 // ZDI: ZDI-18-884 // ZDI: ZDI-18-899 // ZDI: ZDI-18-891 // ZDI: ZDI-18-900 // ZDI: ZDI-18-898 // ZDI: ZDI-18-912 // ZDI: ZDI-18-910 // ZDI: ZDI-18-889 // CNVD: CNVD-2018-18146 // IVD: e2f971a1-39ab-11e9-bb19-000c29342cb1

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2f971a1-39ab-11e9-bb19-000c29342cb1 // CNVD: CNVD-2018-18146

AFFECTED PRODUCTS

vendor:	abb	model:	panel builder 800	scope:	-	version:	-	Trust: 10.6
vendor:	abb	model:	panel builder 800	scope:	eq	version:	-	Trust: 1.6
vendor:	abb	model:	panel builder	scope:	eq	version:	800	Trust: 0.6
vendor:	panel builder 800	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: e2f971a1-39ab-11e9-bb19-000c29342cb1 // ZDI: ZDI-18-897 // ZDI: ZDI-18-889 // ZDI: ZDI-18-910 // ZDI: ZDI-18-912 // ZDI: ZDI-18-898 // ZDI: ZDI-18-900 // ZDI: ZDI-18-891 // ZDI: ZDI-18-899 // ZDI: ZDI-18-884 // ZDI: ZDI-18-895 // ZDI: ZDI-18-901 // ZDI: ZDI-18-907 // ZDI: ZDI-18-887 // ZDI: ZDI-18-893 // CNVD: CNVD-2018-18146 // CNNVD: CNNVD-201807-1323 // JVNDB: JVNDB-2018-007879 // NVD: CVE-2018-10616

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2018-10616
value:	MEDIUM
Trust: 5.6
ZDI:	CVE-2018-10616
value:	HIGH
Trust: 4.2
nvd@nist.gov:	CVE-2018-10616
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-10616
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-18146
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201807-1323
value:	HIGH
Trust: 0.6
IVD:	e2f971a1-39ab-11e9-bb19-000c29342cb1
value:	HIGH
Trust: 0.2

nvd@nist.gov:	CVE-2018-10616
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 6.0
ZDI:	CVE-2018-10616
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.4
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 5.6
CNVD:	CNVD-2018-18146
severity:	MEDIUM
baseScore:	6.2
vectorString:	AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2f971a1-39ab-11e9-bb19-000c29342cb1
severity:	MEDIUM
baseScore:	6.2
vectorString:	AV:L/AC:H/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	1.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-10616
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2018-007879 // NVD: CVE-2018-10616

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201807-1323

TYPE

Input validation error

Trust: 0.8

sources: IVD: e2f971a1-39ab-11e9-bb19-000c29342cb1 // CNNVD: CNNVD-201807-1323

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-007879

PATCH

title:	ABB has issued an update to correct this vulnerability.	url:	https://library.e.abb.com/public/30b77e0dc904475295401b66ec74cd3c/3BSE092089_A_en_SECURITY_-_Panel_Builder_800_Improper_input_validation_vulnerability.pdf?x-sign=OyK2T7i661JL8oQxBk+0/iWUV+hinpu8Nt6nvVmhw581vp4nkzkQbe1JSiJQPtp0	Trust: 9.8
title:	3BSE092089	url:	http://search-ext.abb.com/library/Download.aspx?DocumentID=3BSE092089&Action=Launch	Trust: 0.8

sources: ZDI: ZDI-18-897 // ZDI: ZDI-18-889 // ZDI: ZDI-18-910 // ZDI: ZDI-18-912 // ZDI: ZDI-18-898 // ZDI: ZDI-18-900 // ZDI: ZDI-18-891 // ZDI: ZDI-18-899 // ZDI: ZDI-18-884 // ZDI: ZDI-18-895 // ZDI: ZDI-18-901 // ZDI: ZDI-18-907 // ZDI: ZDI-18-887 // ZDI: ZDI-18-893 // JVNDB: JVNDB-2018-007879

EXTERNAL IDS

db:	NVD	id:	CVE-2018-10616	Trust: 13.0
db:	ICS CERT	id:	ICSA-18-198-01	Trust: 3.0
db:	BID	id:	104882	Trust: 1.6
db:	CNVD	id:	CNVD-2018-18146	Trust: 0.8
db:	CNNVD	id:	CNNVD-201807-1323	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-007879	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-6143	Trust: 0.7
db:	ZDI	id:	ZDI-18-897	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6085	Trust: 0.7
db:	ZDI	id:	ZDI-18-889	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6422	Trust: 0.7
db:	ZDI	id:	ZDI-18-910	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6423	Trust: 0.7
db:	ZDI	id:	ZDI-18-912	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6144	Trust: 0.7
db:	ZDI	id:	ZDI-18-898	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6140	Trust: 0.7
db:	ZDI	id:	ZDI-18-900	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6087	Trust: 0.7
db:	ZDI	id:	ZDI-18-891	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6190	Trust: 0.7
db:	ZDI	id:	ZDI-18-899	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6051	Trust: 0.7
db:	ZDI	id:	ZDI-18-884	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6136	Trust: 0.7
db:	ZDI	id:	ZDI-18-895	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6225	Trust: 0.7
db:	ZDI	id:	ZDI-18-901	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6349	Trust: 0.7
db:	ZDI	id:	ZDI-18-907	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6083	Trust: 0.7
db:	ZDI	id:	ZDI-18-887	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-6098	Trust: 0.7
db:	ZDI	id:	ZDI-18-893	Trust: 0.7
db:	IVD	id:	E2F971A1-39AB-11E9-BB19-000C29342CB1	Trust: 0.2

REFERENCES

url:	https://library.e.abb.com/public/30b77e0dc904475295401b66ec74cd3c/3bse092089_a_en_security_-_panel_builder_800_improper_input_validation_vulnerability.pdf?x-sign=oyk2t7i661jl8oqxbk+0/iwuv+hinpu8nt6nvvmhw581vp4nkzkqbe1jsijqptp0	Trust: 9.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-198-01	Trust: 3.0
url:	http://search-ext.abb.com/library/download.aspx?documentid=3bse092089&action=launch	Trust: 1.6
url:	http://www.securityfocus.com/bid/104882	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10616	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10616	Trust: 0.8
url:	http://search-ext.abb.com/library/download.aspx?documentid=3bse092089&action=launch	Trust: 0.6

CREDITS

Michael DePlante - Leahy Center for Digital Investigation at Champlain College

Trust: 5.6

sources: ZDI: ZDI-18-897 // ZDI: ZDI-18-910 // ZDI: ZDI-18-912 // ZDI: ZDI-18-898 // ZDI: ZDI-18-900 // ZDI: ZDI-18-901 // ZDI: ZDI-18-907 // ZDI: ZDI-18-893

SOURCES

db:	IVD	id:	e2f971a1-39ab-11e9-bb19-000c29342cb1
db:	ZDI	id:	ZDI-18-897
db:	ZDI	id:	ZDI-18-889
db:	ZDI	id:	ZDI-18-910
db:	ZDI	id:	ZDI-18-912
db:	ZDI	id:	ZDI-18-898
db:	ZDI	id:	ZDI-18-900
db:	ZDI	id:	ZDI-18-891
db:	ZDI	id:	ZDI-18-899
db:	ZDI	id:	ZDI-18-884
db:	ZDI	id:	ZDI-18-895
db:	ZDI	id:	ZDI-18-901
db:	ZDI	id:	ZDI-18-907
db:	ZDI	id:	ZDI-18-887
db:	ZDI	id:	ZDI-18-893
db:	CNVD	id:	CNVD-2018-18146
db:	CNNVD	id:	CNNVD-201807-1323
db:	JVNDB	id:	JVNDB-2018-007879
db:	NVD	id:	CVE-2018-10616

LAST UPDATE DATE

2026-02-07T23:36:44.468000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-18-897	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-889	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-910	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-912	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-898	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-900	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-891	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-899	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-884	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-895	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-901	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-907	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-887	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-893	date:	2018-08-10T00:00:00
db:	CNVD	id:	CNVD-2018-18146	date:	2018-09-10T00:00:00
db:	CNNVD	id:	CNNVD-201807-1323	date:	2019-10-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-007879	date:	2018-10-01T00:00:00
db:	NVD	id:	CVE-2018-10616	date:	2024-11-21T03:41:40.343

SOURCES RELEASE DATE

db:	IVD	id:	e2f971a1-39ab-11e9-bb19-000c29342cb1	date:	2018-09-10T00:00:00
db:	ZDI	id:	ZDI-18-897	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-889	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-910	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-912	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-898	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-900	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-891	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-899	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-884	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-895	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-901	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-907	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-887	date:	2018-08-10T00:00:00
db:	ZDI	id:	ZDI-18-893	date:	2018-08-10T00:00:00
db:	CNVD	id:	CNVD-2018-18146	date:	2018-09-10T00:00:00
db:	CNNVD	id:	CNNVD-201807-1323	date:	2018-07-19T00:00:00
db:	JVNDB	id:	JVNDB-2018-007879	date:	2018-10-01T00:00:00
db:	NVD	id:	CVE-2018-10616	date:	2018-07-18T15:29:00.220