You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
abb pcm600
About this tag
ABB PCM600 is protection and control IED management software used in operational technology environments. Discussions on WindowsForum.com highlight a Zip Slip vulnerability (CVE-2018-1002208) affecting versions 1.5 through 2.13, where a SharpZipLib path traversal flaw could allow arbitrary code execution. The fix is version 2.14, but compatibility issues with older relay families create a dilemma: updating may break existing systems. This tension between security patching and OT system stability is a recurring theme for users managing ABB PCM600 deployments.
CISA republished ABB’s advisory for PCM600 on April 30, 2026, warning that versions 1.5 through 2.13 of ABB’s protection and control IED management software contain a SharpZipLib path traversal flaw that can let crafted messages cause arbitrary code execution on a system node. The fix is PCM600...