CVE-2021-22284

🗓️ 04 Feb 2022 22:29:21Reported by ABBType

Incorrect Permission Assignment vulnerability in AC 800M OPC Server allows arbitrary code execution

Reporter	Title	Published	Views	Family All 9
CNNVD	ABB OPCServer for AC800M 安全漏洞	4 Feb 202200:00	–	cnnvd
Cvelist	CVE-2021-22284 SECURITY - OPC Server for AC 800M - Remote Code Execution Vulnerability	4 Feb 202222:29	–	cvelist
EUVD	EUVD-2021-9430	3 Oct 202520:07	–	euvd
ICS	ABB OPC Server for AC 800M	15 Mar 202200:00	–	ics
NCSC	Vulnerability fixed in ABB OPC Server	31 Jan 202200:00	–	ncsc
NCSC	Vulnerability fixed in ABB OPC Server for AC 800M	10 Feb 202200:00	–	ncsc
NVD	CVE-2021-22284	4 Feb 202223:15	–	nvd
Prion	Code injection	4 Feb 202223:15	–	prion
Tenable Nessus	ABB OPC Server for Incorrect Permission Assignment for Critical Resource (CVE-2021-22284)	29 Mar 202300:00	–	nessus

NVD

Node

abb opc_server_for_ac_800mRange5.1.0-0–6.0.0-4

[
  {
    "product": "800xA, Control Software for AC 800M OPC Server for AC 800M",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "5.1.0-x",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "5.1.1-x",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "6.0.0-1"
      },
      {
        "status": "affected",
        "version": "6.0.0-2"
      },
      {
        "status": "affected",
        "version": "6.0.0-3"
      }
    ]
  },
  {
    "product": "Control Builder Safe, version 1.x OPC Server for AC 800M",
    "vendor": "ABB",
    "versions": [
      {
        "status": "affected",
        "version": "5.1.1-1"
      }
    ]
  },
  {
    "product": "Control Builder Safe, version 2.0 OPC Server for AC 800M",
    "vendor": "ABB",
    "versions": [
      {
        "status": "affected",
        "version": "6.0.0-1"
      }
    ]
  },
  {
    "product": "Compact Product Suite - Control and I/O OPC Server for AC 800M",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "5.1.0-x",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "5.1.1-x",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "6.0.0-x",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
search	www.search.abb.com/library/Download.aspx

21 Nov 2024 05:49Current

8.9High risk

Vulners AI Score8.9

CVSS 26.5

CVSS 3.18.4 - 8.8

EPSS0.00476

CWE-732