CVE-2016-4524

CWE-284 — Improper Access Control CWE-3103 documents3 sources

Severity

6.5MEDIUM

EPSS

0.0%

top 85.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ABB Pcm600

Timeline

PublishedJun 10

Latest updateMay 17

Description

ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:NExploitability: 2.0 | Impact: 4.0

Affected Packages1 packages

▶NVDabb/pcm6002.6

🔴Vulnerability Details

GHSA

GHSA-8mqx-rxrp-v4x5: ABB PCM600 before 2↗2022-05-17

▶

CVEList

CVE-2016-4524: ABB PCM600 before 2↗2016-06-10

▶