Multiple Critical RCE, DoS, and DNS‑Poisoning Vulnerabilities in ABB B&R Industrial PCs (CVE‑2023‑45229‑CVE‑2023‑45237) Threaten Manufacturing Operations
What It Is – ABB B&R disclosed a family of nine related CVEs affecting several models of its industrial‑grade PCs (APC4100, APC910, C80, MPC3100, PPC1200, PPC900, APC2200). The flaws allow a remote network attacker to execute arbitrary code, launch denial‑of‑service attacks, poison DNS caches, or exfiltrate sensitive data.
Exploitability – Proof‑of‑concept exploits have been published for the remote‑code‑execution paths; the vulnerabilities are publicly disclosed and patches are now available. CVSS scores for the individual CVEs range from 8.8 to 9.8 (Critical).
Affected Products – ABB B&R PCs: APC4100 < 1.09, APC910 ≤ 1.25, C80 < 1.14, MPC3100 < 1.24, PPC1200 < 1.14, PPC900 < 2.16, APC2200 < 1.35 (all versions listed in the advisory).
TPRM Impact – These devices are often embedded in third‑party manufacturing, energy, and logistics environments. A compromised PLC‑class PC can disrupt production lines, corrupt process data, and provide an entry point to downstream suppliers, amplifying supply‑chain risk.
Recommended Actions –
- Verify inventory of ABB B&R PCs and confirm firmware versions.
- Apply the ABB‑provided security update immediately to all affected units.
- Segment industrial networks from corporate IT and enforce strict firewall rules to limit inbound traffic to management interfaces.
- Conduct a focused vulnerability scan of OT assets and monitor for anomalous network traffic (e.g., unexpected DNS queries).
- Update third‑party risk assessments to reflect the elevated exposure of vendors relying on these PCs.
Source: CISA Advisory – ICSA‑26‑141‑02