ABB Cylon Aspect Studio 3.08.03 Insecure Permissions

Title: ABB Cylon Aspect Studio 3.08.03 Insecure Permissions
Advisory ID: ZSL-2025-5951
Type: Local/Remote
Impact: Privilege Escalation
Risk: (3/5)
Release Date: 22.05.2025

Summary

ABB Cylon ASPECT Studio is a graphical programming tool and integrated development environment (IDE) for ABB Cylon ASPECT products. It’s used to engineer comprehensive area control and graphical user interface (GUI) solutions, containing a library of logical and graphical widgets. It allows users to monitor and control facilities from anywhere, providing insights into building performance and enabling timely reactions to issues.

Description

The application suffers from an elevation of privileges vulnerability: a low-privileged authenticated user can replace the application's executable file with a binary of their choice, which then runs with the privileges of whoever launches it. The vulnerability exists because of improper file permissions, with the 'M' (Modify) flag granted to the 'Authenticated Users' group.
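The weakness described above can be checked for from the defender's side by reading the file's ACL. The following script is an added example, not part of the advisory or the vendor's code: it parses `icacls` output for an executable and flags any entry that gives a broad group such as 'Authenticated Users' a write-capable right (M, F, W and friends). The path and the ACL listing below are constructed placeholders; pass a real path as the first argument to audit a file on Windows.

```python
import re
import subprocess
import sys

# Groups that every logged-on or domain account belongs to. Write-type rights
# for them on an executable let a low-privileged user replace the binary.
BROAD_PRINCIPALS = {
    "Everyone",
    "BUILTIN\\Users",
    "NT AUTHORITY\\Authenticated Users",
    "NT AUTHORITY\\INTERACTIVE",
}
# icacls rights that allow changing the file's contents, owner or DACL.
WRITE_RIGHTS = {"F", "M", "W", "WD", "AD", "DC", "WDAC", "WO"}
# Inheritance flags icacls prints next to the rights; they are not permissions.
INHERIT_FLAGS = {"I", "OI", "CI", "IO", "NP"}

def parse_icacls(output, path):
    """Parse `icacls <path>` output into [(principal, set_of_rights)].
    The first ACE line is prefixed with the path; later lines are indented."""
    aces = []
    for line in output.splitlines():
        line = line.strip()
        if line.startswith(path):
            line = line[len(path):].strip()
        principal, sep, perms = line.rpartition(":")
        if not sep or not perms.startswith("("):
            continue  # blank lines and the "Successfully processed" summary
        rights = {r.strip() for group in re.findall(r"\(([^)]*)\)", perms)
                  for r in group.split(",")} - INHERIT_FLAGS
        aces.append((principal, rights))
    return aces

def weak_aces(output, path):
    """ACEs that give a broad group write access, as (principal, sorted rights)."""
    return [(p, sorted(r)) for p, r in parse_icacls(output, path)
            if p in BROAD_PRINCIPALS and r & WRITE_RIGHTS]

# Constructed sample: placeholder path and a listing shaped like icacls output,
# with the Modify grant for Authenticated Users that the advisory describes.
SAMPLE_PATH = r"C:\Path\To\app.exe"
SAMPLE_OUTPUT = "\n".join([
    SAMPLE_PATH + r" BUILTIN\Administrators:(I)(F)",
    r"                  NT AUTHORITY\SYSTEM:(I)(F)",
    r"                  NT AUTHORITY\Authenticated Users:(I)(M)",
    r"                  BUILTIN\Users:(I)(RX)",
    "Successfully processed 1 files; Failed processing 0 files",
])

if __name__ == "__main__":
    if len(sys.argv) > 1:  # audit a real file (needs Windows with icacls)
        target = sys.argv[1]
        out = subprocess.run(["icacls", target], capture_output=True, text=True).stdout
    else:
        target, out = SAMPLE_PATH, SAMPLE_OUTPUT
    for principal, rights in weak_aces(out, target):
        print(f"WEAK: {principal} has {','.join(rights)} on {target}")
```

A flagged file is fixed by swapping the Modify grant for read-and-execute, e.g. `icacls <file> /remove:g "Authenticated Users" /grant "Authenticated Users":RX`, and the same check should be run on the directory the executable lives in.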

Vendor

ABB Ltd. - https://www.global.abb

Affected Version

ASPECT-Studio <=3.08.03

Tested On

Microsoft Windows 10 Home (EN)
OpenJDK 64-Bit Server VM Temurin-21.0.6+7

Vendor Status

[21.04.2024] Vulnerability discovered.
[22.04.2024] Vendor contacted.
[22.04.2024] Vendor responds.
[02.05.2024] Working with the vendor.
[21.05.2025] No response from the vendor.
[22.05.2025] Public security advisory released.

PoC

abb_aspect_perm1.txt

Credits

Vulnerability discovered by Gjoko Krstic - <[email protected]>

References

[1] https://packetstorm.news/files/id/194980/

Changelog

[22.05.2025] - Initial release
[26.05.2025] - Added reference [1]

Contact

Zero Science Lab

Web: https://www.zeroscience.mk
e-mail: [email protected]
