CVE-2018-1168 : Security Advisory and Response
Learn about CVE-2018-1168, an improper access control vulnerability in ABB MicroSCADA 9.3 with FP 1-2-3, allowing local attackers to escalate privileges. Find mitigation steps and preventive measures here.
A vulnerability has been discovered in ABB MicroSCADA 9.3 with FP 1-2-3, allowing local attackers to escalate privileges by manipulating critical files.
Understanding CVE-2018-1168
This CVE involves an improper access control vulnerability in ABB MicroSCADA 9.3 with FP 1-2-3, potentially enabling attackers to elevate their privileges.
What is CVE-2018-1168?
The vulnerability in ABB MicroSCADA 9.3 with FP 1-2-3 allows authenticated local attackers to exploit access control misconfigurations, leading to privilege escalation to SYSTEM level.
The Impact of CVE-2018-1168
- Local attackers can manipulate critical files after installation, normally protected, to escalate privileges.
Technical Details of CVE-2018-1168
This section provides more technical insights into the vulnerability.
Vulnerability Description
- The flaw lies in the access control configuration of installed product files.
Affected Systems and Versions
- Product: ABB MicroSCADA
- Version: 9.3 with FP 1-2-3
Exploitation Mechanism
- Attackers need to execute code with low privileges on the system to exploit the vulnerability.
Mitigation and Prevention
Steps to address and prevent the CVE-2018-1168 vulnerability.
Immediate Steps to Take
- Apply vendor-supplied patches or updates promptly.
- Restrict access to critical systems to authorized personnel only.
Long-Term Security Practices
- Regularly monitor and audit access controls and file permissions.
- Educate users on safe computing practices and the importance of security updates.
Patching and Updates
- Regularly check for security advisories and updates from ABB to patch known vulnerabilities.