CVE-2022-1596 MEDIUM

CVE-2022-1596: ABB Relion REX640 Insufficient file access control

Vendor Abb
Product REX640 PCL1
Weakness CWE-732
Published June 21, 2022
Last update September 16, 2024

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node.

Key dates

02Disclosure timeline

June 21, 2022 CVE published
September 16, 2024 Record updated