View CSAF Summary ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. A firmware update is available that resolves these privately reported vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited these vulnerabilities could access sensitive information stored inside the device and can change the configuration of the device. The following versions of ABB EIBPORT are affected: EIBPORT V3 KNX (2CLA963710W1001) <3.9.2 EIBPORT V3 KNX (2CSM256242R2001) <3.9.2 EIBPORT V3 KNX GSM (2CLA963720W1001) <3.9.2 CVSS Vendor Equipment Vulnerabilities v3 8 ABB ABB EIBPORT Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Background Critical Infrastructure Sectors: Critical Manufacturing, Information Technology Countries/Areas Deployed: Worldwide Company Headquarters Location: Switzerland Vulnerabilities Acknowledgments Psytester reported this vulnerability to ABB.…