Main Vulnerability Database Vulnerabilities #VU27356

#VU27356 Permissions, Privileges, and Access Controls in 800xA Batch Management - CVE-2020-8488

Published: April 27, 2020 / Updated: June 3, 2020

Vulnerability identifier: #VU27356

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-8488

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
800xA Batch Management

Software vendor:
ABB

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to weak Kernel object permissions. A local user can cause denial of service (DoS) conditions by corrupting memory locations and gain elevated privileges depending on how those memory locations were used.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://applied-risk.com/assets/uploads/whitepapers/AR2020002-ABB-800xA-MultipleVulnerabilities.pdf
https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch

#VU27356 Permissions, Privileges, and Access Controls in 800xA Batch Management - CVE-2020-8488

Description

Remediation

External links

Please verify you're human