CVE-2020-8473

CWE-732Incorrect Permission Assignment3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 91.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ABB 800xa Base SystemABB System 800xa Base
Timeline
PublishedApr 29
Latest updateMay 24

Description

Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 1.3 | Impact: 5.9

Affected Packages2 packages

CVEListV5abb/system_800xa_base6.1 and earlier

🔴Vulnerability Details

2
GHSA
GHSA-xphv-67vw-89c5: Insufficient folder permissions used by system functions in ABB System 800xA Base (version 62022-05-24
CVEList
ABB System 800xA Weak File Permissions - ABB System 800xA Base2020-04-28
CVE-2020-8473 (HIGH CVSS 7.8) | Insufficient folder permissions use | cvebase.io