First published: Wed Apr 29 2020(Updated: )
Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash.
Credit: cybersecurity@ch.abb.com
Affected Software | Affected Version | How to fix |
---|---|---|
ABB 800xA |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-8484 is a vulnerability in ABB System 800xA for DCI that allows an authenticated attacker on the local system to inject data, leading to reads and writes to controllers or crashing of Windows processes.
CVE-2020-8484 enables an authenticated attacker to inject data, potentially causing unauthorized access to controllers or crashes of Windows processes in ABB System 800xA.
CVE-2020-8484 has a severity rating of 7.8 (high).
An attacker authenticated on the local system can exploit CVE-2020-8484 by injecting data, allowing them to read and write to controllers or crash windows processes.
ABB System 800xA for DCI does not have an official fix for CVE-2020-8484 at the time of writing. Please refer to the ABB documentation for any available workarounds or updates.