Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2020-8472
PUBLISHED
More InfoOfficial Page
Assigner-ABB
Assigner Org ID-2b718523-d88f-4f37-9bbd-300c20644bf9
View Known Exploited Vulnerability (KEV) details
Published At-28 Apr, 2020 | 23:52
Updated At-04 Aug, 2024 | 10:03
Rejected At-
▼CVE Numbering Authority (CNA)
ABB System 800xA Weak File Permissions - different products

Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploited the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications.

Affected Products
Vendor
ABBABB
Product
OPC Server for AC 800M
Versions
Affected
  • 6.0 and earlier
Vendor
ABBABB
Product
Control Builder M Professional
Versions
Affected
  • 6.1 and earlier
Vendor
ABBABB
Product
MMS Server for AC 800M
Versions
Affected
  • 6.1 and earlier
Vendor
ABBABB
Product
Base Software for SoftControl
Versions
Affected
  • 6.1 and earlier
Problem Types
TypeCWE IDDescription
CWECWE-732CWE-732 Incorrect Permission Assignment for Critical Resource
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://search.abb.com/library/Download.aspx?DocumentID=2PAA121106&LanguageCode=en&DocumentPartId=&Action=Launch
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://search.abb.com/library/Download.aspx?DocumentID=2PAA121106&LanguageCode=en&DocumentPartId=&Action=Launch
x_refsource_CONFIRM
x_transferred
Details not found