PNI800 ABB Fischer & Porter DCI系统模块
安全–中的拒绝服务缝隙
SPIET800 INFI网络到以太网传输模块
和PNI800 S+以太网通讯
接口模块
CVE ID:CVE-2021-22285、CVE-221-22286、CVE2021-22288
留心
本文件中的信息如有更改,恕不另行告知,不得解释为
ABB的许诺。
ABB不供应任何明示或暗示的保证,包括
本文件所含信息的特别用途,不承担任何责任
本文档中或许呈现的任何差错。在任何情况下,ABB或其任何供货商均不对因运用
即便ABB或
其供货商已被奉告此类损害的或许性。
未经
ABB,以及本协议的内容不得传授给第三方,也不得用于任何未经授权的意图。
注册和商标的全部权利归于其各自的全部者。
文件编号:7 paa0 0 13 53 C Y BE SE C C C C URI advisory
设备:B
日期:2008年4月2日
共用事业部
©版权全部2022 ABB。保存全部权利。2/7
意图
ABB有严厉的内部网络安全持续改善流程,包括运用行业抢先工具进行定时测验和定时点评,以供认潜在的产品问题。有时,问题被供认为规划或编码缺陷,或许影响产品
网络安全。
当发现或陈说潜在的产品缝隙时,ABB当即发动我们的缝隙处理流程。这需求验证问题是否实际上是产品问题,
供认哪些相关产品或许受到影响,拟定补救措施,并告知终用户
以及政府安排(例如ICS-CERT)。
由此产生的网络安全咨询旨在告知客户该缝隙,并供应受影响产品的详细信息,怎样减轻该缝隙或解释尽或许减少潜在风险的解决方案。发布网络安全参谋不该被误解为供认或表明针对
这儿提到的产品。假设ABB意识到任何详细威胁,将在交流中明晰提及。
本网络安全咨询的发布是ABB致力于用户社区支撑这一要害主题的一个比方。负责任的宣布是信赖链中的一个重要因素
我们致力于与很多客户保持联系。发布咨询定见供应了及时的信息
这关于保证我们的客户充分了解情况至关重要。
受影响的产品
ABB才能™Symphony®Plus:
–SPIET800-INFI网络到以太网传输模块:全部固件版别A_B或更早版别均受影响。
–PNI800–S+以太网通讯接口模块:全部固件版别A_B或更早版别均受影响。
缝隙ID
CVE-2021-22285、CVE-221-22286、CVE-021-22288
总结
暗里陈说了与ABB实施SPIET800有关的多个缝隙
一些ABB进程自动化操控系统。同样的缝隙也影响着ABB
PNI800设备。
假设攻击者能够访问站点的操控网络,那么使用这些缝隙将导致
此类ABB设备的拒绝服务情况,需求手动重启。
SPIET800或PNI800设备的不可用将阻挠衔接的
操作和工程工作站,但不会影响系统配置数据,也不会影响
INFI Net或PN800操控网络
DOC UMEN T I D: 7PAA0 0 13 53 C Y BE R SE C URI TY ADVIS ORY
R EVI SI ON : B
DATE : 2 022-04-08
SE C URI TY L EVE L : P UBLIC
© Copyright 2022 ABB. All rights reserved. 2/7
Purpose
ABB has a rigorous internal cyber security continuous improvement process which involves regular testing with industry leading tools and periodic assessments to identify potential product issues. Occasionally an issue is determined to be a design or coding flaw with implications that may impact product
cyber security.
When a potential product vulnerability is identified or reported, ABB immediately initiates our vulnerability handling process. This entails validating if the issue is in fact a product issue, identifying root causes,
determining what related products may be impacted, developing a remediation, and notifying end users
and governmental organizations (e.g. ICS-CERT).
The resulting Cyber Security Advisory intends to notify customers of the vulnerability and provide details on which products are impacted, how to mitigate the vulnerability or explain workarounds that minimize the potential risk as much as possible. The release of a Cyber Security Advisory should not be misconstrued as an affirmation or indication of an active threat or ongoing campaign targeting the
products mentioned here. If ABB is aware of any specific threats, it will be clearly mentioned in the communication.
The publication of this Cyber Security Advisory is an example of ABB’s commitment to the user community in support of this critical topic. Responsible disclosure is an important element in the chain of trust
we work to maintain with our many customers. The release of an Advisory provides timely information
which is essential to help ensure our customers are fully informed.
Affected products
ABB Ability™ Symphony® Plus:
– SPIET800 - INFI-Net to Ethernet Transfer Module: All firmware versions A_B or earlier are affected.
– PNI800 – S+ Ethernet communication interface module: All firmware versions A_B or earlier are affected.
Vulnerability IDs
CVE-2021-22285, CVE-2021-22286, CVE-2021-22288
Summary
Multiple vulnerabilities were privately reported relating to ABB’s implementation of the SPIET800 used in
some ABB Process Automation control systems. The same vulnerabilities are also affecting the ABB
PNI800 devices.
If an attacker gains access to a site’s control network, then exploiting these vulnerabilities will result in a
denial-of-service situation for such ABB devices and will require a manual restart.
The unavailability of the SPIET800 or PNI800 devices would prevent data transactions by the connected
Operations and Engineering workstations but would not affect the system configuration data, nor the
INFI-Net or PN800 control network
| ABB | 07DC91 | GE | 369-H1-R-M-0-0-0-E | TRICONEX | 3721 | Bently 3500/05 | |||
| ABB | 07KT97 | GE | 469-P1-HI-A20-T | TRICONEX | 4351B | Bently 3500/15 | |||
| ABB | 07KT98 | GE | ACC-5595-208 | TRICONEX | 3625 | Bently 1900/65 | |||
| ABB | TA0C-2-240 | GE | DS200DCFBG1BNC | TRICONEX | 3351 | Bently 3500/22M | |||
| ABB | LDGRB-01 | GE | DS3800HFXA1D1B | TRICONEX | 3481 | Bently 3500/25 | |||
| ABB | XVC517AE02 | GE | IC695CRU320 | TRICONEX | CM2201 | Bently 3500/32 | |||
| ABB | LT8978bV1 | GE | IC695CRU320-EN | TRICONEX | CM3201 | Bently 3500/33 | |||
| ABB | 5SGA30J2501 | GE | IC697CPM790 | TRICONEX | DI3301 | Bently 3500/34 | |||
| ABB | 5SGX1060H0003 | GE | IC697CPM790-GD | TRICONEX | PI3381 | Bently 3500/40M | |||
| ABB | 5SGX1060H0004 | GE | IC698CPE030 | TRICONEX | 3625C1 | Bently 3500/42M | |||
| ABB | 5SGY3545L0002 | GE | IC698CPE030-GJ | TRICONEX | 4201 | Bently 3500/44M | |||
| ABB | 5SGY3545L0003 | GE | IC698CPE040-FI | TRICONEX | AI3351 | Bently 3500/45 | |||
| ABB | 5SGY3545L0008 | GE | IC698CPE040-FJ | TRICONEX | AI3352 | Bently 3500/46M | |||
| ABB | 5SGY3545L0009 | GE | IC698CRE040 | TRICONEX | AI3353 | Bently 3500/50 | |||
| ABB | 5SGY3545L001 | GE | IS200BPVCG1BR1 | TRICONEX | AI3354 | Bently 3500/53 | |||
| ABB | 5SGY3545L0017 | GE | IS200VCMIH2BEE | TRICONEX | AI3355 | Bently 3500/60 | |||
| ABB | 5SGY3545L0020 | GE | IS200VSVOH1B | TRICONEX | AI3356 | Bently 3500/62 | |||
| ABB | 5SGY35L4510 | GE | IS215ACLEH1A | TRICONEX | AI3357 | Bently 3500/63 | |||
| ABB | 5SGY4045L0001 | GE | IS215UCVEH2A | TRICONEX | AI3358 | Bently 3500/64M |
客服1