CVE-2018-18995 in Pluto Safety PLC Gateway Ethernet GATE-E1
Summary
by MITRE
Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, and changing configuration settings such as IP addresses.
Analysis
by VulDB Data Team • 04/26/2020
The vulnerability identified as CVE-2018-18995 affects Pluto Safety PLC Gateway Ethernet devices manufactured by ABB, specifically the GATE-E1 and GATE-E2 models across all versions. This represents a critical security flaw in industrial control systems that undermines fundamental network security principles and exposes operational technology infrastructure to significant risks. The affected devices operate within critical infrastructure environments where unauthorized access could lead to severe operational disruptions and safety hazards.
The technical flaw resides in the absence of proper authentication mechanisms for administrative telnet and web interfaces within these industrial gateway devices. This configuration weakness creates an unauthenticated access vector that allows any remote attacker to gain administrative privileges without requiring legitimate credentials. The vulnerability directly maps to CWE-305 Authentication Bypass and aligns with ATT&CK technique T1078 Valid Accounts, as it eliminates the need for legitimate authentication while providing full administrative control. The lack of authentication enforcement represents a fundamental failure in the device's security architecture, creating a backdoor that bypasses all normal access controls.
The operational impact of this vulnerability extends beyond simple unauthorized access, creating multiple attack vectors that could compromise industrial processes. Attackers can conduct device resets that may disrupt critical operations, read or modify registers that control industrial processes, and change configuration settings including IP addresses that could isolate or compromise network segments. These capabilities enable attackers to perform reconnaissance, manipulate industrial processes, and potentially cause physical damage to equipment or safety systems. The vulnerability particularly affects environments where these devices are deployed for safety-critical applications, where unauthorized modifications could lead to catastrophic consequences.
Mitigation strategies for this vulnerability must address both immediate and long-term security requirements. Immediate actions should include network segmentation to isolate these devices from general network access, implementing strict firewall rules to restrict access to administrative ports, and deploying network monitoring to detect unauthorized access attempts. Organizations should also consider disabling unnecessary services and interfaces, applying any available vendor patches or firmware updates, and implementing network access control lists to limit who can reach these administrative interfaces. The vulnerability highlights the critical importance of proper authentication mechanisms in industrial control systems, aligning with NIST SP 800-82 guidelines for industrial control system security. Regular security assessments and vulnerability scanning should be implemented to identify similar authentication bypass issues in other industrial equipment within the network infrastructure.
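The network-monitoring step described above, as an added example (not VulDB or ABB code): it flags flow records that reach a gateway's telnet or web interface from a source outside the management subnet. The log format, the documentation-range addresses, and the default ports 23 and 80 are assumptions, and the sample records are constructed.

```python
import ipaddress

# Assumptions (not from the advisory): telnet on 23 and the web UI on 80,
# and flow records of the form "timestamp src_ip dst_ip dst_port proto".
ADMIN_PORTS = {23: "telnet", 80: "web"}
GATEWAYS = ["192.0.2.10", "192.0.2.11"]   # constructed GATE-E1/E2 addresses
MGMT_NETWORKS = ["198.51.100.0/28"]       # constructed engineering subnet

# Constructed sample flow log.
SAMPLE_LOG = """\
2024-01-01T10:00:01Z 198.51.100.5 192.0.2.10 23 tcp
2024-01-01T10:02:17Z 203.0.113.44 192.0.2.10 23 tcp
2024-01-01T10:02:40Z 203.0.113.44 192.0.2.11 80 tcp
2024-01-01T10:03:05Z 203.0.113.44 192.0.2.11 12345 tcp
2024-01-01T10:04:00Z 203.0.113.9 192.0.2.50 23 tcp
truncated-record 203.0.113.44
"""

def find_unauthorized_admin_access(lines, gateways, mgmt_networks):
    """Return (alerts, malformed): alerts are flows that reach a gateway's
    admin port from a source outside every management network."""
    gw = {ipaddress.ip_address(g) for g in gateways}
    nets = [ipaddress.ip_network(n) for n in mgmt_networks]
    alerts, malformed = [], []
    for lineno, line in enumerate(lines, 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            ts, src, dst, dport, proto = line.split()
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:
            malformed.append(lineno)  # report unparseable records, never drop them silently
            continue
        if proto.lower() != "tcp" or dst_ip not in gw or port not in ADMIN_PORTS:
            continue  # not traffic to an administrative interface of a gateway
        if any(src_ip in n for n in nets):
            continue  # expected source: management subnet
        # The device cannot authenticate anyone, so any other source is an alert.
        alerts.append({"time": ts, "src": src, "gateway": dst,
                       "service": ADMIN_PORTS[port]})
    return alerts, malformed

if __name__ == "__main__":
    found, bad = find_unauthorized_admin_access(
        SAMPLE_LOG.splitlines(), GATEWAYS, MGMT_NETWORKS)
    for a in found:
        print(f"ALERT {a['time']} {a['src']} -> {a['gateway']} ({a['service']})")
    print("malformed lines:", bad)
```

Because the interfaces accept any client, the source address is the only signal available at this layer; the same allowlist should drive the firewall rules so that detection and enforcement agree.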