CVE-2020-8474: ABB System 800xA Weak Registry Permissions
First published: Wed Apr 22 2020(Updated: )
Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction.
Credit: cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ABB 800xA | <=6.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-8474?
CVE-2020-8474 is considered a high severity vulnerability due to its potential to allow authenticated attackers to manipulate critical registry settings.
How do I fix CVE-2020-8474?
To mitigate CVE-2020-8474, ensure that registry permissions are appropriately restricted to prevent low privileged users from modifying control system settings.
Who is affected by CVE-2020-8474?
CVE-2020-8474 affects users of the ABB 800xA Base system up to version 6.0.0, primarily in industrial control environments.
What can an attacker do with CVE-2020-8474?
An attacker exploiting CVE-2020-8474 can potentially read and modify registry settings, leading to malfunction of critical control system functions.
Is there a patch available for CVE-2020-8474?
As of now, users should refer to ABB for any available patches or updates addressing CVE-2020-8474.
- agent/weakness
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/author
- agent/title
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/abb
- canonical/abb 800xa
- version/abb 800xa/6.0.0