CVE-2020-8484: ABB System 800xA Inter process communication vulnerability - 800xA for DCI
First published: Wed Apr 29 2020(Updated: )
Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash.
Credit: cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ABB 800xA |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-8484?
CVE-2020-8484 is a vulnerability in ABB System 800xA for DCI that allows an authenticated attacker on the local system to inject data, leading to reads and writes to controllers or crashing of Windows processes.
How does CVE-2020-8484 impact ABB System 800xA?
CVE-2020-8484 enables an authenticated attacker to inject data, potentially causing unauthorized access to controllers or crashes of Windows processes in ABB System 800xA.
What is the severity of CVE-2020-8484?
CVE-2020-8484 has a severity rating of 7.8 (high).
How can an attacker exploit CVE-2020-8484?
An attacker authenticated on the local system can exploit CVE-2020-8484 by injecting data, allowing them to read and write to controllers or crash windows processes.
Is there a fix for CVE-2020-8484?
ABB System 800xA for DCI does not have an official fix for CVE-2020-8484 at the time of writing. Please refer to the ABB documentation for any available workarounds or updates.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/author
- agent/title
- agent/first-publish-date
- agent/description
- agent/event
- agent/tags
- vendor/abb
- canonical/abb 800xa