Lucene search

ABBCVELIST:CVE-2020-8474

HistoryApr 22, 2020 - 2:18 p.m.

CVE-2020-8474 ABB System 800xA Weak Registry Permissions

2020-04-2214:18:35

CWE-275

ABB

www.cve.org

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

High

EPSS

Percentile

12.6%

JSON

Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction.

CNA Affected

[
  {
    "product": "System 800xA Base",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "6.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

search.abb.com/library/Download.aspx?DocumentID=2PAA121221&LanguageCode=en&DocumentPartId=&Action=Launch

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2020-8474