These vulnerabilities allowed attackers to hijack or shut down industrial controllers
ABB thanked Natalya Tlyapova and Denis Goryushev for discovering two vulnerabilities in its Freelance AC 900F and AC 700F controllers. These devices are used in the metal and chemical industry. The vendor was notified of the threat in line with the responsible disclosure policy and released software patches.
The AC 900F and AC 700F controllers are used in distributed control systems (DCS) of industrial plants to automate their continuous production processes. ABB is leading in the global DCS market, with a market share of 20%.
Vulnerabilities CVE-2023-0425 and CVE-2023-0426 both received a CVSS v3.1 score of 8.6, which means high severity.
According to the application analysts at Positive Technologies who discovered the vulnerabilities, exploitation of these security flaws can allow attackers to shut down controllers, disrupting production processes. In addition, sending a specially crafted package could enable remote code execution attacks aimed at hijacking the devices.
ABB recommends installing updates Freelance 2016 SP1 RU06, Freelance 2019 SP1 RU02, and Freelance 2019 SP1 FP1 RU03 as soon as possible. To mitigate the threat, users can also take actions described in the security advisory.
Positive Technologies suggests using PT Industrial Security Incident Manager, an in-depth industrial traffic analysis system, for detecting attempts to exploit ICS vulnerabilities. PT ISIM recognizes communication protocols of ABB Freelance controllers, analyzes commands, and informs the security team about suspicious events and incidents.
