ABB team from security advisor, has found multiple vulnerabilities in Freelance Controller.
The following table is affected products:
Freelance major version Freelance controllers CVE-2023-0425 CVE-2023-0426
V9.2 SP2 and prior DCP
AC 700F Yes Yes
AC 800F
Freelance 2013 DCP
Freelance 2013 SP1
Freelance 2016 AC 700F Yes Yes
Freelance 2016 SP1
Freelance 2019 AC 800F
Freelance 2019 SP1
Freelance 2019 SP1 FP1 AC 900F Yes Yes
ABB is aware of vulnerabilities in the product versions listed above. An update is available that resolves
the reported vulnerabilities in the product versions under maintenance.
An attacker who successfully exploited one or more of these vulnerabilities could cause the product to
stop or make the product inaccessible.
General security recommendation is coming from ABB Security team:
Control systems and the control network are exposed to cyber threats. In order to minimize these risks,
the protective measures and best practices listed below are available in addition to other measures. ABB
strongly recommends system integrator and asset owners to implement the measures they consider
appropriate for their control system environment:
– Place control systems in a dedicated control network containing control systems only.
– Locate control networks and systems behind firewalls and separate them from any other networks
like business networks and the Internet.
– Block any inbound Internet traffic destined for the control networks/systems. Place remote access
systems used for remote control system access outside the control network.
– Use trusted, patched software and malware protection solutions. Interact with trusted web sites and
trusted email attachments only.
– Ensure all Freelance products are always up to date in terms of installed software, operating system
and firmware patches as well as anti-virus and firewall.
– Protect control systems from physical access by unauthorized personnel e.g. by placing them in
locked switch cabinets.
Thanks for sharing your thoughts on Exploit.
Regards
Hurrah, that’s what I was exploring for, what a material!
present here at this blog, thanks admin of this site.
Hello everyone, it’s my first pay a visit at this website,
and paragraph is truly fruitful for me, keep up posting such posts.
Great web site. A lot of helpful info here. I’m sending it to a few buddies ans also sharing in delicious.
And of course, thanks in your effort!
This is my first time pay a visit at here and i am truly pleassant to read everthing at single place.