ABB System 800xA Inter process communication vulnerability
CVE-2020-8478

5.3MEDIUM

Key Information:

Vendor: Abb
Status: Opc Server For Ac 800m; Mms Server For Ac 800m; Base Software For Softcontrol
Vendor: CVE Published:; 29 April 2020

What is CVE-2020-8478?

Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local system to inject data, affecting the online view of runtime data shown in Control Builder.

Affected Version(s)

Base Software for SoftControl all versions

MMS Server for AC 800M all versions

OPC Server for AC 800M all versions

References

https://search.abb.com/library/Download.aspx?DocumentID=2...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 29, 2020
Vulnerability Reserved
Jan 30, 2020

Abb

What is CVE-2020-8478?

Affected Version(s)

References

CVSS V3.1

Timeline