CVE-2022-1596
MEDIUMABB REX640 PCL1 < 1.0.7, PCL2 < 1.1.4, PCL3 < 1.2.1 - Incorrect Permission Assignment
Title source: llmDescription
Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node.
References (1)
Core 1
Core References
Mitigation, Vendor Advisory x_refsource_misc
https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421
Scores
CVSS v3
6.5
EPSS
0.0060
EPSS Percentile
44.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-732
Status
published
Products (3)
abb/rex640_pcl1_firmware
< 1.0.7
abb/rex640_pcl2_firmware
< 1.1.4
abb/rex640_pcl3_firmware
< 1.2.1
Published
Jun 21, 2022
Tracked Since
Feb 18, 2026