PT-2020-20163 · Abb · Abb System 800Xa+4

Published

2020-04-29

Updated

2020-05-13

CVE-2020-8478

CVSS v3.1

5.3

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions ABB System 800xA products (affected versions not specified)

Description The issue is related to insufficient protection of inter-process communication functions in ABB System 800xA products, including OPC Server for AC 800M, MMS Server for AC 800M, and Base Software for SoftControl. This allows an attacker authenticated on the local system to inject data, affecting the online view of runtime data shown in Control Builder.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-264

Related Identifiers

CVE-2020-8478

Affected Products

Abb System 800Xa

Base Software For Softcontrol

Control Builder

Mmsserver For Ac800M

Opc Server For Ac 800M

PT-2020-20163 · Abb · Abb System 800Xa+4

CVE-2020-8478

Weakness Enumeration

Related Identifiers

Affected Products

References · 3