The NCCIC has published an advisory on use of hard-coded credentials vulnerability in ABB CP651 HMI. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow an attacker to prevent legitimate access to an affected system node, remotely cause an affected system node to stop, take control of an affected system node, or insert and run arbitrary code in an affected system node. ABB recommends users apply the BSP update on affected CP600 control panels at their earliest convenience. The NCCIC also advises of a series of measures for mitigating the vulnerabilities. Read the advisory at CISA.