14 matches found
EUVD-2020-29338
Malware in sbrugna...
ABB Central Licensing System Improper Restriction of XML External Entity Reference (CVE-2020-8479)
For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...
ABB Central Licensing System Uncontrolled Resource Consumption (CVE-2020-8475)
For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...
CVE-2020-8481
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...
CVE-2020-8475
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...
Code injection
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...
CVE-2020-8481 ABB Central Licensing System - Information disclosure
For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...
CVE-2020-8481
CVE-2020-8481 concerns ABB Ability System 800xA and related ABB CLS/OLC ecosystem components. The root cause is confidential data written in an unprotected file, enabling an attacker to read sensitive data and potentially take full control of the affected node. Reported affected products span mul...
CVE-2020-8471
CVE-2020-8471 affects ABB Central Licensing System (CLS) across multiple ABB products (800xA, Compact HMI, Symphony Plus, Harmony/Melody components, Knowledge Manager, etc.). The root issue is weak file permissions on the CLS, allowing an authenticated attacker to block license handling, escalate...
CVE-2020-8471 ABB Central Licensing System - Weak File Permissions
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...
CVE-2020-8472
Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M versions 6.0 and earlier and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl version 6.1 and earlier allow low privileged users to read, modify, add and...
CVE-2020-8472
Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M versions 6.0 and earlier and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl version 6.1 and earlier allow low privileged users to read, modify, add and...
CVE-2020-8476 ABB Central Licensing System - Elevation of Privilege Vulnerability
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...
CVE-2020-8472
CVE-2020-8472 affects ABB System 800xA components: OPCServer for AC800M (v6.0 and earlier), Control Builder M Professional, MMS Server for AC800M, and Base Software for SoftControl (v6.1 and earlier). Root cause is insufficient/weak default folder permissions (CWE-276) allowing low-privileged use...