RVD#3324: ABB IRC5 FTP daemon in VxWorks does not close the TCP connection after a number of failed login attempts #3324

Open
rvd-bot opened this issue Jul 15, 2020 · 0 comments

rvd-bot commented Jul 15, 2020

id: 3324
title: 'RVD#3324: ABB IRC5 FTP daemon in VxWorks does not close the TCP connection
  after a number of failed login attempts'
type: vulnerability
description: The FTP daemon in Wind River VxWorks does not close the TCP connection
  after a number of failed login attempts, which makes it easier for remote attackers
  to obtain access via a brute-force attack. This was previously recorded for VxWorks
  at CVE-2010-2968; however, from our results, ABB products, including all IRC5 (controller)
  supported robots, including IRB140, are affected.
cwe: CWE-264
cve: CVE-2010-2968
keywords:
- IRC5, FTP, Authentication
system: IRB140, IRC5, Robotware_5.09, VxWorks5.5.1
vendor: ABB
severity:
  rvss-score: 10.0
  rvss-vector: RVSS:1.0/AV:RN/AC:L/PR:N/UI:N/Y:M/S:U/C:H/I:L/A:H/H:U/
  severity-description: Critical
  cvss-score: 9.8
  cvss-vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
links:
- https://nvd.nist.gov/vuln/detail/CVE-2010-2968
- https://github.com/aliasrobotics/RVD/issues/3324
flaw:
  phase: testing
  specificity: general-issue
  architectural-location: Platform code
  application: VxWorks
  subsystem: FTP Daemon
  package: N/A
  languages: None
  date-detected: 2020-05-19
  detected-by: Alfonso Glera, Victor Mayoral Vilches (Alias Robotics)
  detected-by-method: testing dynamic, Browser.
  date-reported: '2020-07-15'
  reported-by: Victor Mayoral Vilches
  reported-by-relationship: security researcher
  issue: https://github.com/aliasrobotics/RVD/issues/3324
  reproducibility: Always
  trace: Not disclosed
  reproduction: Not disclosed
  reproduction-image: Not disclosed
exploitation:
  description: Not disclosed
  exploitation-image: Not disclosed
  exploitation-vector: Not disclosed
  exploitation-recipe: ''
mitigation:
  description: Not disclosed
  pull-request: Not disclosed
  date-mitigation: null
@rvd-bot rvd-bot changed the title ABB IRC5 FTP daemon in VxWorks does not close the TCP connection after a number of failed login attempts RVD#3324: ABB IRC5 FTP daemon in VxWorks does not close the TCP connection after a number of failed login attempts Jul 15, 2020