First published: Wed Apr 29 2020(Updated: )
Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local system to inject data, affecting the online view of runtime data shown in Control Builder.
Credit: cybersecurity@ch.abb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Abb Mms Server | ||
Abb Opc Server | ||
Abb Ac800m | ||
Abb Base Software |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2020-8478.
ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M, and Base Software for SoftControl (all published versions) are affected by this vulnerability.
This vulnerability enables an attacker authenticated on the local system to inject data, affecting the online view.
The severity of CVE-2020-8478 is classified as medium with a severity value of 3.3.
For information on fixes and mitigations, please refer to the reference link provided: [https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch](https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch) (link provided for reference only).