Abb Advabuild vulnerabilities

CVE-2020-11640 [HIGH] CWE-269 CVE-2020-11640: AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the com AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the command queue can use it to launch an attack by running any executable on the AdvaBuild node. The executables that can be run are not limited to AdvaBuild specific executables. Improper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.Th

CVE-2020-11639 [HIGH] CWE-924 CVE-2020-11639: An attacker could exploit the vulnerability by injecting garbage data or specially crafted data. Dep An attacker could exploit the vulnerability by injecting garbage data or specially crafted data. Depending on the data injected each process might be affected differently. The process could crash or cause communication issues on the affected node, effectively causing a denial-of-service attack. The attacker could tamper with the data transmitted, caus

CVE-2020-8481 [CRITICAL] CWE-200 CVE-2020-8481: For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Compos

CVE-2020-8479 [CRITICAL] CWE-91 CVE-2020-8479: For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and relate For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer

CVE-2020-8476 [MEDIUM] CWE-20 CVE-2020-8476: For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and relate For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5

CVE-2020-8475 [MEDIUM] CWE-20 CVE-2020-8475: For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and relate For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5

CVE-2020-8471 [HIGH] CWE-275 CVE-2020-8471: For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and relate For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.