CVE-2018-18995

CVE-2018-18995

Vendor N/A
Product ABB GATE-E1 and GATE-E2
Weakness CWE-306 · Missing auth
Published January 3, 2019
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, and changing configuration settings such as IP addresses.

Key dates

02Disclosure timeline

January 3, 2019 CVE published
August 5, 2024 Record updated