The NCCIC has published an advisory on an improper authentication vulnerability in ABB CMS-770. All versions prior to 1.7.1 are affected. Successful exploitation of this vulnerability may allow an attacker to read sensitive configuration files that may lead to code execution on the device. ABB recommends installing the device in accordance with the latest instructions from the updated technical manual. The NCCIC also advises on a series of mitigating measures for these vulnerabilities. NCCIC/ICS-CERT.