CVE-2018-18995
published 2019-01-03CVE-2018-18995: Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web…
PriorityP260critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
2.65%
83.7th percentile
Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, and changing configuration settings such as IP addresses.
Detection & IOCsextracted from sources · hover to see the quote
- →Target administrative telnet interface on ABB GATE-E1/GATE-E2 devices — no authentication is required, allowing unauthenticated remote access ↗
- →Target administrative web interface on ABB GATE-E1/GATE-E2 devices — no authentication is required; also vulnerable to stored XSS via device property fields (CVE-2018-18997) ↗
- →Exploitation is remotely possible with low skill level; monitor for unauthenticated telnet and HTTP connections to ABB GATE-E1/GATE-E2 devices from unexpected sources ↗
- ·No firmware patch will be released; both GATE-E1 (EOL 2013) and GATE-E2 (EOL OCT 2018) are end-of-life. Mitigation relies entirely on network segmentation and defense-in-depth, not a software fix. ↗
- ·No known public exploits exist for this vulnerability at time of advisory publication. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-478p-r52m-3xfc: Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet o
ghsa_unreviewed·2022-05-13
CVE-2018-18995 [CRITICAL] CWE-306 GHSA-478p-r52m-3xfc: Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet o
Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, and changing configuration settings such as IP addresses.
CISA ICS
ABB GATE-E2
cisa_ics·2018-12-18·CVSS 9.8
[CRITICAL] ABB GATE-E2
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
ABB GATE-E2
Last RevisedDecember 18, 2018
Alert CodeICSA-18-352-01
## 1. EXECUTIVE SUMMARY
-
CVSS v3 9.8
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: ABB
- Equipment: GATE-E2
- Vulnerabilities: Missing Authentication for Critical Function, Cross-site Scripting
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow unrestricted access to the administrative telnet/web interface of the device, enabling attackers to compromise the availability of the device, read or modify registers and settings, or change the device config
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-01-03
Published