CVE-2020-8481

CWE-200Information ExposureCWE-9223 documents3 sources
Severity
9.8CRITICAL
EPSS
0.5%
top 33.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
18
ABB Central Licensing SystemABB Composer MelodyABB Symphony Plus S+ Engineering+15 more
Timeline
PublishedApr 29
Latest updateMay 24

Description

For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS A

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages18 packages

CVEListV5abb/composer_melody66.3+1
CVEListV5abb/symphony_plus_s+_operations33.2
CVEListV5abb/composer_harmony5.1, 6.0, 6.1+2
CVEListV5abb/control_builder_safe1.0, 1.1, 2.0+2

🔴Vulnerability Details

2
GHSA
GHSA-w8qc-fmpq-5gmp: For ABB products ABB Ability™ System 800xA and related system extensions versions 52022-05-24
CVEList
ABB Central Licensing System - Information disclosure2020-04-29