ABB ACS880 Drives Containing CODESYS RTS

Executive Summary

A security advisory describes high-severity vulnerabilities in ABB's ACS880 drives that run the IEC 61131-3 programming license on a vulnerable version of the CODESYS Runtime (RTS). The weaknesses are improper input validation (CWE-20), out-of-bounds writes (CWE-787), and improper restriction of operations within the bounds of a memory buffer (CWE-119). The highest CVSS v3 base score among them is 8.8 (High), and the flaws are exploitable remotely with low attack complexity.

Risk Evaluation

Successful exploitation could allow an attacker to gain full access to the device or to create a denial-of-service condition on it.

Technical Details

ABB has identified that several of its low-voltage drive and power controller products ship with vulnerable versions of the CODESYS Runtime. For the ACS880 family, the affected control programs and versions are:

  • ACS880 Primary Control Program AINLX, versions prior to v3.47, and YINLX, versions prior to v1.30.
  • ACS880 IGBT Supply Control Programs AISLX and ALHLX, versions prior to v3.43; YISLX and YLHLX, versions prior to v1.30.
  • ACS880 Position Control Program APCLX, versions up to v1.04.0.5, and ACS880 Test Bench Control Program ATBLX, versions up to v3.44.0.0.

Vulnerability Overview

The underlying CODESYS Runtime issues have been assigned CVE identifiers and fall into three weakness classes:

  1. Improper Input Validation (CWE-20): several CVEs (CVE-2023-37559, CVE-2023-37558, CVE-2023-37556, among others) allow an authenticated remote attacker to send crafted network communication requests that cause the CmpAppForce or CmpAppBP components to read from an invalid memory address, resulting in a denial-of-service condition.

  2. Out-of-Bounds Write (CWE-787): CVE-2023-37557 allows crafted requests to trigger a buffer overflow (a write beyond the intended buffer), which can lead to a denial-of-service condition.

  3. Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119): CVE-2022-4046 in CODESYS Control allows an attacker to gain full access to the device. This is the issue that carries the CVSS v3 base score of 8.8.
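All three weakness classes above share one root cause: a length or index taken from a network request is used to drive a memory operation before it is checked. The following is an added illustration (written for this page, not CODESYS or ABB code) of that pattern in a hypothetical length-prefixed request parser: the unchecked version trusts the wire length and can write past its destination (CWE-787) or read past the bytes actually received (CWE-119), while the hardened version rejects both cases before touching memory. The wire format, buffer sizes and function names are all assumptions constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical request layout, constructed for this example (it is not the
 * CODESYS wire protocol): [u8 opcode][u16 len, little-endian][len bytes]. */
#define HDR_SIZE    3
#define PAYLOAD_MAX 64

enum { REQ_OK = 0, REQ_ERR_SHORT = -1, REQ_ERR_LEN = -2 };

typedef struct {
    uint8_t  opcode;
    uint16_t len;
    uint8_t  payload[PAYLOAD_MAX];
} request_t;

static uint16_t rd_u16le(const uint8_t *p) {
    return (uint16_t)(p[0] | ((uint16_t)p[1] << 8));
}

/* Vulnerable parser: the length field comes from the attacker and is never
 * compared with the destination buffer (CWE-787: memcpy writes past
 * out->payload) or with the bytes actually received (CWE-119/CWE-20: memcpy
 * reads past the end of msg). Call it only on well-formed input. */
int parse_request_vulnerable(const uint8_t *msg, size_t msg_len, request_t *out) {
    if (msg_len < HDR_SIZE) return REQ_ERR_SHORT;
    out->opcode = msg[0];
    out->len = rd_u16le(msg + 1);
    memcpy(out->payload, msg + HDR_SIZE, out->len);   /* attacker controls len */
    return REQ_OK;
}

/* Hardened parser: validate the untrusted length against both bounds first. */
int parse_request_hardened(const uint8_t *msg, size_t msg_len, request_t *out) {
    if (msg_len < HDR_SIZE) return REQ_ERR_SHORT;
    uint16_t len = rd_u16le(msg + 1);
    if (len > PAYLOAD_MAX) return REQ_ERR_LEN;                /* would overflow out->payload */
    if ((size_t)len > msg_len - HDR_SIZE) return REQ_ERR_LEN; /* would read beyond msg */
    out->opcode = msg[0];
    out->len = len;
    memcpy(out->payload, msg + HDR_SIZE, len);
    return REQ_OK;
}

/* Build a request whose length field may deliberately disagree with the
 * payload actually attached, as a crafted request would. Returns bytes written,
 * or 0 if the message does not fit in buf. */
size_t build_request(uint8_t *buf, size_t cap, uint8_t opcode, uint16_t claimed_len,
                     const uint8_t *payload, size_t payload_len) {
    if (cap < HDR_SIZE + payload_len) return 0;
    buf[0] = opcode;
    buf[1] = (uint8_t)(claimed_len & 0xFF);
    buf[2] = (uint8_t)(claimed_len >> 8);
    memcpy(buf + HDR_SIZE, payload, payload_len);
    return HDR_SIZE + payload_len;
}

/* Feed the hardened parser a request with `payload_len` bytes of 'A' attached
 * but `claimed_len` advertised in the header; returns the parser's verdict. */
int run_case(uint16_t claimed_len, size_t payload_len) {
    uint8_t wire[512], filler[256];
    request_t req;
    if (payload_len > sizeof filler) return REQ_ERR_LEN;
    memset(filler, 'A', sizeof filler);
    size_t n = build_request(wire, sizeof wire, 0x01, claimed_len, filler, payload_len);
    return parse_request_hardened(wire, n, &req);
}

int main(void) {
    uint8_t wire[64];
    request_t req;
    const uint8_t good[4] = {0xDE, 0xAD, 0xBE, 0xEF};   /* constructed sample payload */

    /* Well-formed request: both parsers accept it. */
    size_t n = build_request(wire, sizeof wire, 0x01, 4, good, sizeof good);
    printf("benign:         vulnerable=%d hardened=%d\n",
           parse_request_vulnerable(wire, n, &req), parse_request_hardened(wire, n, &req));
    /* Length larger than the destination (CWE-787): the vulnerable parser would
     * write 96 bytes into a 64-byte array, so only the hardened one is asked. */
    printf("oversized len:  hardened=%d\n", run_case(96, 96));
    /* Length claims far more than was received (CWE-119 read overrun). */
    printf("truncated msg:  hardened=%d\n", run_case(0xFFFF, 4));
    return 0;
}
```

The two added checks are the whole fix: the first bounds the write against the destination's real size, the second bounds the read against the bytes that actually arrived. Note that `len > PAYLOAD_MAX` is tested before `msg_len - HDR_SIZE` is computed, so the subtraction can never underflow because the short-message check already ran.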

Background Information

The affected products are deployed worldwide and fall under the critical manufacturing sector, where ACS880 drives are part of operational technology environments.

Mitigation

ABB has released firmware updates that resolve the vulnerabilities. Users are advised to:

  • Update all affected control programs to the latest firmware versions.
  • Where an immediate update is not feasible, set the drive parameters that disable file download to the drive (the specific parameters are listed in ABB's advisory).
  • Apply general defensive practices: isolate control networks, enforce physical access controls, scan for malware, minimize network exposure of the devices, and keep all software up to date.

Recommendations by CISA

The Cybersecurity and Infrastructure Security Agency (CISA) advises organizations to perform a proper impact analysis and risk assessment before deploying defensive measures, to follow recommended cybersecurity strategies for proactive defense of ICS assets, and to report any suspected malicious activity. No known public exploitation targeting these vulnerabilities has been reported at this time, but vigilance and adherence to the recommendations above remain important.

Update History

The advisory's update history records an initial republication on April 3, 2025, reflecting ongoing communication and updates about the vulnerabilities in ABB's products and the importance of users staying informed about security practices.

The advisory stresses proactive risk management of ABB ACS880 drives to preserve operational reliability against potential cyber threats.
