EUVD-2020-29344

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Insufficient protection in ABB System 800xA products allows data injection by local authenticated attackers.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2020-8478	20 May 202014:27	–	circl
CNVD	ABB Ability System 800xA Privilege License and Access Control Issues Vulnerability	29 Apr 202000:00	–	cnvd
CVE	CVE-2020-8478	29 Apr 202001:58	–	cve
Cvelist	CVE-2020-8478 ABB System 800xA Inter process communication vulnerability	29 Apr 202001:58	–	cvelist
ICS	ABB Multiple System 800xA Products	2 Jun 202000:00	–	ics
NVD	CVE-2020-8478	29 Apr 202002:15	–	nvd
Tenable Nessus	Abb Base Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')	10 Aug 202100:00	–	nessus
Prion	Design/Logic Flaw	29 Apr 202002:15	–	prion
RedhatCVE	CVE-2020-8478	22 May 202515:42	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "a97255bf-bff7-3d4b-bc33-a1619579e44c",
        "vendor": {
          "name": "ABB"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "15098bd4-5303-34d0-b4ed-23addb2e27ba",
        "product": {
          "name": "MMS Server for AC 800M"
        },
        "product_version": "all versions"
      },
      {
        "id": "2c00ad0f-2867-32c4-adfc-5cea407b9ef0",
        "product": {
          "name": "OPC Server for AC 800M"
        },
        "product_version": "all versions"
      },
      {
        "id": "b399b540-ba6c-3559-a2ad-5d6d8bda2ea3",
        "product": {
          "name": "Base Software for SoftControl"
        },
        "product_version": "all versions"
      }
    ]
  }
]

Source	Link
search	www.search.abb.com/library/Download.aspx
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

4.5Medium risk

Vulners AI Score4.5

CVSS 3.13.3 - 5.3

CVSS 22.1

EPSS0.00051