Main Vulnerability Database Vulnerabilities #VU27352

#VU27352 Permissions, Privileges, and Access Controls in 800xA for DCI - CVE-2020-8484

Published: April 27, 2020 / Updated: June 3, 2020

Vulnerability identifier: #VU27352

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-8484

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
800xA for DCI

Software vendor:
ABB

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to weak Kernel object permissions. A local user can cause denial of service (DoS) conditions by corrupting memory locations and gain elevated privileges depending on how those memory locations were used.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://applied-risk.com/assets/uploads/whitepapers/AR2020002-ABB-800xA-MultipleVulnerabilities.pdf
https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch

#VU27352 Permissions, Privileges, and Access Controls in 800xA for DCI - CVE-2020-8484

Description

Remediation

External links

Please verify you're human