CVE-2019-7232
published 2019-06-24CVE-2019-7232: The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and…
PriorityP266high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
EPSS
52.09%
98.8th percentile
The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and overwrites a Structured Exception Handler (SEH) address. An unauthenticated attacker can submit a Host header value of 2047 bytes or more to overflow the buffer and overwrite the SEH address, which can then be leveraged to execute attacker-controlled code on the server.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| abb | pb610_panel_builder_600_firmware | 1.91 – 2.8.0.367 | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.05.8MEDIUMAV:A/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
ABB PB610 Panel Builder 600
cisa_ics·2019-06-27·CVSS 8.8
[HIGH] ABB PB610 Panel Builder 600
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
ABB PB610 Panel Builder 600
Last RevisedJune 27, 2019
Alert CodeICSA-19-178-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.8
- ATTENTION: Low skill level to exploit
- Vendor: ABB
- Equipment: PB610 Panel Builder 600
- Vulnerabilities: Use of Hard-coded Credentials, Improper Authentication, Relative Path Traversal, Improper Input Validation, Stack-based Buffer Overflow
## 2. RISK EVALUATION
An attacker who successfully exploits these vulnerabilities could prevent legitimate access to an affected system node, remotely cause an affected system node to stop, take control of an affecte
GHSA
GHSA-cg5v-gm33-jwmv: The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request
ghsa_unreviewed·2022-05-24
CVE-2019-7232 [HIGH] CWE-787 GHSA-cg5v-gm33-jwmv: The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request
The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and overwrites a Structured Exception Handler (SEH) address. An unauthenticated attacker can submit a Host header value of 2047 bytes or more to overflow the buffer and overwrite the SEH address, which can then be leveraged to execute attacker-controlled code on the server.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/153403/ABB-IDAL-HTTP-Server-Stack-Based-Buffer-Overflow.htmlhttp://seclists.org/fulldisclosure/2019/Jun/40http://seclists.org/fulldisclosure/2019/Jun/40http://www.securityfocus.com/bid/108886https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377&LanguageCode=en&DocumentPartId=&Action=Launchhttps://www.darkmatter.ae/xen1thlabs/published-advisories/http://packetstormsecurity.com/files/153403/ABB-IDAL-HTTP-Server-Stack-Based-Buffer-Overflow.htmlhttp://seclists.org/fulldisclosure/2019/Jun/40http://seclists.org/fulldisclosure/2019/Jun/40http://www.securityfocus.com/bid/108886https://search.abb.com/library/Download.aspx?DocumentID=3ADR010377&LanguageCode=en&DocumentPartId=&Action=Launchhttps://www.darkmatter.ae/xen1thlabs/published-advisories/
2019-06-24
Published