id: 3324
title: 'RVD#3324: ABB IRC5 FTP daemon in VxWorks does not close the TCP connection
  after a number of failed login attempts'
type: vulnerability
description: The FTP daemon in Wind River VxWorks does not close the TCP connection
  after a number of failed login attempts, which makes it easier for remote attackers
  to obtain access via a brute-force attack. This was previously recorded for VxWorks
  as CVE-2010-2968; however, our results show that ABB products, including all IRC5
  (controller) supported robots, including the IRB140, are affected.
cwe: CWE-264
cve: CVE-2010-2968
keywords:
- IRC5, FTP, Authentication
system: IRB140, IRC5, Robotware_5.09, VxWorks5.5.1
vendor: ABB
severity:
  rvss-score: 10.0
  rvss-vector: RVSS:1.0/AV:RN/AC:L/PR:N/UI:N/Y:M/S:U/C:H/I:L/A:H/H:U/
  severity-description: Critical
  cvss-score: 9.8
  cvss-vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
links:
- https://nvd.nist.gov/vuln/detail/CVE-2010-2968
- https://github.com/aliasrobotics/RVD/issues/3324
flaw:
  phase: testing
  specificity: general-issue
  architectural-location: Platform code
  application: VxWorks
  subsystem: FTP Daemon
  package: N/A
  languages: None
  date-detected: 2020-05-19
  detected-by: Alfonso Glera, Victor Mayoral Vilches (Alias Robotics)
  detected-by-method: testing dynamic, Browser.
  date-reported: '2020-07-15'
  reported-by: Victor Mayoral Vilches
  reported-by-relationship: security researcher
  issue: https://github.com/aliasrobotics/RVD/issues/3324
  reproducibility: Always
  trace: Not disclosed
  reproduction: Not disclosed
  reproduction-image: Not disclosed
exploitation:
  description: Not disclosed
  exploitation-image: Not disclosed
  exploitation-vector: Not disclosed
  exploitation-recipe: ''
mitigation:
  description: Not disclosed
  pull-request: Not disclosed
  date-mitigation: null