CVE-2022-1596
MEDIUMABB Rex640 Pcl1 Firmware < 1.0.7 - Incorrect Permission Assignment
Title source: ruleDescription
Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node.
References (1)
Core 1
Core References
Mitigation, Vendor Advisory x_refsource_misc
https://search.abb.com/library/Download.aspx?DocumentID=2NGA001421
Scores
CVSS v3
6.5
EPSS
0.0022
EPSS Percentile
44.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-732
Status
published
Products (3)
abb/rex640_pcl1_firmware
< 1.0.7
abb/rex640_pcl2_firmware
< 1.1.4
abb/rex640_pcl3_firmware
< 1.2.1
Published
Jun 21, 2022
Tracked Since
Feb 18, 2026