CVE-2021-22277

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.5HIGH

EPSS

0.4%

top 41.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ABB ABB Base Software FOR Softcontrol ABB Compact Product Suite - Control AND I/O ABB 800xa +3 more

Timeline

PublishedApr 1

Latest updateApr 3

Description

Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages7 packages

▶CVEListV5abb/abb_base_software_for_softcontrol5.1.0-0 — unspecified+7

▶CVEListV5abb/compact_product_suite_-_control_and_i/o5.1.0-0 — unspecified+7

▶NVDabb/control_builder_safe< 3.0

▶CVEListV5abb/control_builder_safe1.x, 2.0, 3.0+2

▶NVDabb/base_software5.1.0-0 — 5.1.0-3+3

🔴Vulnerability Details

GHSA

GHSA-88h6-w4mj-xwh4: Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB↗2022-04-03

▶

CVEList

AC 800M MMS - Denial of Service vulnerability in MMS communication↗2022-04-01

▶