CVE-2016-4527 : ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which

ABB PCM600 before 2.7 improperly stores PCM600 authentication credentials, which allows local users to obtain sensitive information via unspecified vectors.

Published 2016-06-10 01:59:14

Updated 2016-06-15 18:48:01

Source ICS-CERT

View at NVD, CVE.org

Products affected by CVE-2016-4527

ABB » Pcm600
Versions up to, including, (<=) 2.6
cpe:2.3:a:abb:pcm600:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-4527

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 11 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-4527

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
1.9	LOW	AV:L/AC:M/Au:N/C:P/I:N/A:N	3.4	2.9	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
3.3	LOW	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	1.8	1.4	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2016-4527

CWE-255

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-4527

https://ics-cert.us-cert.gov/advisories/ICSA-16-152-02

ABB PCM600 Vulnerabilities | CISA
Third Party Advisory;US Government Resource

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2016-4527

Products affected by CVE-2016-4527

Exploit prediction scoring system (EPSS) score for CVE-2016-4527

CVSS scores for CVE-2016-4527

CWE ids for CVE-2016-4527

References for CVE-2016-4527