CVE-2019-18997

Summary

The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting unauthorized file access.

Affected Software

VendorProductVersion RangeStatus
ABBPB610 Panel Builder 600unspecified <= 2.8.0.424affected

Weaknesses

  • CWE-424: CWE-424 Improper Protection of Alternate Path

ADP Enrichment

CVE Program Container

Additional References

References