Unrated severityNVD Advisory· Published Apr 28, 2020· Updated Aug 4, 2024

ABB System 800xA Weak File Permissions - different products

CVE-2020-8472

Description

Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploited the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications.

Affected products

Abb/System 800xA products OPCServer for AC800Mllm-create
Range: <=6.0
Abb/Control Builder M Professionalllm-create2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: 6.1 and earlier
Abb/Base Software for SoftControlllm-fuzzy2 versions
<=6.1+ 1 more
- (no CPE)range: <=6.1
- (no CPE)range: 6.1 and earlier
Abb/OPC Server for AC 800Mcpe-rescue2 versions
6.1 and earlier+ 1 more
- (no CPE)range: 6.1 and earlier
- (no CPE)range: 6.0 and earlier

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

search.abb.com/library/Download.aspxmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000