Main Vulnerability Database Vulnerabilities #VU27353

#VU27353 Permissions, Privileges, and Access Controls in 800xA for MOD 300 - CVE-2020-8485

Published: April 27, 2020 / Updated: June 3, 2020

Vulnerability identifier: #VU27353

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-8485

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
800xA for MOD 300

Software vendor:
ABB

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to weak Kernel object permissions. A local user can cause denial of service (DoS) conditions by corrupting memory locations and gain elevated privileges depending on how those memory locations were used.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://applied-risk.com/assets/uploads/whitepapers/AR2020002-ABB-800xA-MultipleVulnerabilities.pdf
https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch

#VU27353 Permissions, Privileges, and Access Controls in 800xA for MOD 300 - CVE-2020-8485

Description

Remediation

External links

Please verify you're human