7.8
CWE
264
Advisory Published
Updated

CVE-2020-8484: ABB System 800xA Inter process communication vulnerability - 800xA for DCI

First published: Wed Apr 29 2020(Updated: )

Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash.

Credit: cybersecurity@ch.abb.com

Affected SoftwareAffected VersionHow to fix
ABB 800xA

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2020-8484?

    CVE-2020-8484 is a vulnerability in ABB System 800xA for DCI that allows an authenticated attacker on the local system to inject data, leading to reads and writes to controllers or crashing of Windows processes.

  • How does CVE-2020-8484 impact ABB System 800xA?

    CVE-2020-8484 enables an authenticated attacker to inject data, potentially causing unauthorized access to controllers or crashes of Windows processes in ABB System 800xA.

  • What is the severity of CVE-2020-8484?

    CVE-2020-8484 has a severity rating of 7.8 (high).

  • How can an attacker exploit CVE-2020-8484?

    An attacker authenticated on the local system can exploit CVE-2020-8484 by injecting data, allowing them to read and write to controllers or crash windows processes.

  • Is there a fix for CVE-2020-8484?

    ABB System 800xA for DCI does not have an official fix for CVE-2020-8484 at the time of writing. Please refer to the ABB documentation for any available workarounds or updates.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203