Denial of Service Vulnerability in ABB PB610 Panel Builder 600

Denial of Service Vulnerability in ABB PB610 Panel Builder 600

CVE-2019-18994 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with access to the file system might be able to cause application malfunction such as denial of service.

Learn more about our Web Application Penetration Testing UK.