CVE-2020-8479

CVE-2020-8479 is an XML External Entity Injection vulnerability in ABB Central Licensing Server components across ABB Ability System 800xA, Compact HMI, and related products. The issue allows an attacker to read or call arbitrary files from the license server and/or the network, and can also bloc...

CVE-2020-8476

CVE-2020-8476 affects ABB CLS across ABB Ability System 800xA and related components, where a weakness in input validation in the Central Licensing Server allows an attacker to alter licenses assigned to system nodes. Reported impact is license manipulation (credentials/permissions could be misap...

CVE-2020-8471

CVE-2020-8471 affects ABB Central Licensing System (CLS) across multiple ABB products (800xA, Compact HMI, Symphony Plus, Harmony/Melody components, Knowledge Manager, etc.). The root issue is weak file permissions on the CLS, allowing an authenticated attacker to block license handling, escalate...

CVE-2020-8475

CVE-2020-8475 affects ABB Central Licensing System (CLS) in ABBAbility System 800xA and related components. Root cause: input validation weakness allows an attacker to block license handling (DoS) on CLS web service, potentially affecting availability of licensed nodes. Impact: partial availabili...

CVE-2021-22277

CVE-2021-22277 affects ABB 800xA suite (AC 800M, Control Builder Safe, Compact Product Suite – Control and I/O, ABB Base Software for SoftControl). The flaw is an Improper Input Validation vulnerability that can allow a remote attacker to cause a denial of service via the affected control softwar...