Description
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application’s context.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
http://search.abb.com/library/Download.aspx?DocumentID=3ADR010466&LanguageCode=en&DocumentPartId=&Action=Launch
Scores
CVSS v3
7.1
EPSS
0.0014
EPSS Percentile
33.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:L
Details
CWE
CWE-426
CWE-424
Status
published
Products (1)
abb/pb610_panel_builder_600
< 2.8.0.424
Published
Dec 18, 2019
Tracked Since
Feb 18, 2026