Rewterz Threat Advisory – CVE-2020-4188 – IBM Security Guardium information disclosure
June 24, 2020Rewterz Threat Advisory – Multiple Security Vulnerabilities in VMware
June 24, 2020Rewterz Threat Advisory – CVE-2020-4188 – IBM Security Guardium information disclosure
June 24, 2020Rewterz Threat Advisory – Multiple Security Vulnerabilities in VMware
June 24, 2020Severity
Medium
Analysis Summary
A vulnerability exists in Device Library Wizard in the affected product versions listed below. It creates a file that contains confidential data that could be read by low privileged users. This could allow the attacker to take control of one or multiple system nodes.
Impact
Insecure Storage of Sensitive Information
Affected Vendors
ABB
Affected Products
- Device Library Wizard: Versions 6.0.X
- Device Library Wizard: Versions 6.0.3.1
- Device Library Wizard: Versions 6.0.3.2
Remediation
ABB recommends users apply the following updates.
- Device Library Wizard Version 6.0.3.2 RU1
- Device Library Wizard Version 6.0.3.3
- Device Library Wizard Version 6.1.X and later