ABB FOX515T (CVE-2017-14025)

medium Tenable OT Security Plugin ID 500323


The remote OT asset is affected by a vulnerability.


An Improper Input Validation issue was discovered in ABB FOX515T release 1.0. An improper input validation vulnerability has been identified, allowing a local attacker to provide a malicious parameter to the script that is not validated by the application, This could enable the attacker to retrieve any file on the server.

This plugin only works with Tenable.ot. Please visit for more information.


The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at

ABB reports that the product has been phased out and has reached obsolete status. No further maintenance is planned for the product.

Please see the ABB Cyber Security Advisory 1KHW028693 on the ABB Alerts and Notification page at the following location:

See Also

Plugin Details

Severity: Medium

ID: 500323

Version: 1.5

Type: remote

Family: Tenable.ot

Published: 2/7/2022

Updated: 11/14/2023

Risk Information


Risk Factor: Low

Score: 3.6


Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2017-14025


Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:abb:fox515t_firmware:1.0

Required KB Items: Tenable.ot/ABB

Exploit Ease: No known exploits are available

Patch Publication Date: 11/6/2017

Vulnerability Publication Date: 11/6/2017

Reference Information

CVE: CVE-2017-14025

CWE: 20