CVE Vulnerability

CVE-2020-8478

Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local system to inject data, affecting the online view of runtime data shown in Control Builder.

2.1 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

3.3 /10

CVSS v3.0 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:abb:base_software:*:*:*:*:*:softcontrol:*:*
Information

Published : 2020-04-29 02:15

Updated : 2020-05-13 06:48

NVD link : CVE-2020-8478

Mitre link : CVE-2020-8478

Products Affected
No products.
CWE
CWE-74