Abb
Products by Abb Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2024 there have been 0 vulnerabilities in Abb . Last year Abb had 10 security vulnerabilities published. Right now, Abb is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 10 | 7.44 |
2022 | 14 | 7.34 |
2021 | 5 | 8.18 |
2020 | 39 | 7.36 |
2019 | 6 | 7.53 |
2018 | 3 | 7.80 |
It may take a day or so for new Abb vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Abb Security Vulnerabilities
A vulnerability was found in AO-OPC server versions mentioned above
CVE-2023-2685
6.3 - Medium
- July 28, 2023
A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC server by starting the service. The service might be started with system user privileges which could cause a shift in user access privileges. It is unlikely to exploit the vulnerability in well maintained Windows installations since the attacker would need write access to system folders. An update is available that resolves the vulnerability found during an internal review in the product AO-OPC = 3.2.1
Unquoted Search Path or Element
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system
CVE-2023-3321
8.8 - High
- July 24, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability zenon: from 11 build through 11 build 106404.
External Control of System or Configuration Setting
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system
CVE-2023-3324
7.5 - High
- July 24, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability zenon: from 11 build through 11 build 106404.
Marshaling, Unmarshaling
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system
CVE-2023-3323
5.4 - Medium
- July 24, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability zenon: from 11 build through 11 build 106404.
Incorrect Default Permissions
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system
CVE-2023-3322
8.1 - High
- July 24, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability zenon: from 11 build through 11 build 106404.
Incorrect Permission Assignment for Critical Resource
Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools
CVE-2022-0010
5.5 - Medium
- May 22, 2023
Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools. An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. Using this information, the attacker could have the potential to exploit this vulnerability to gain control of system nodes. This issue affects QCS 800xA: from 1.0;0 through 6.1SP2; QCS AC450: from 1.0;0 through 5.1SP2; Platform Engineering Tools: from 1.0:0 through 2.3.0.
Insertion of Sensitive Information into Log File
Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise)
CVE-2023-0580
9.8 - Critical
- April 06, 2023
Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise) allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System (on-premise) application, the following ones are affected by this vulnerability: User Interface System Monitoring1 Asset Inventory This issue affects My Control System (on-premise): from 5.0;0 through 5.13.
Insecure Storage of Sensitive Information
Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations:
CVE-2023-0228
8.8 - High
- March 02, 2023
Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2.
authentification
Cross-Site Request Forgery (CSRF) vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant
CVE-2022-1607
8.8 - High
- February 24, 2023
Cross-Site Request Forgery (CSRF) vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) comcode 150047415.
Session Riding
An issue has been discovered in GitLab CE/EE affecting all versions starting
CVE-2022-3573
5.4 - Medium
- January 12, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an attacker can execute arbitrary JavaScript on the self-hosted instances running without strict CSP.
XSS
Relative Path Traversal vulnerability in ABB Zenon 8.20
CVE-2022-34836
8.2 - High
- August 24, 2022
Relative Path Traversal vulnerability in ABB Zenon 8.20 allows the user to access files on the Zenon system and user also can add own log messages and e.g., flood the log entries. An attacker who successfully exploit the vulnerability could access the Zenon runtime activities such as the start and stop of various activity and the last error code etc.
Directory traversal
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients
CVE-2022-34837
6.1 - Medium
- August 24, 2022
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various activities of the Zenon.
Insufficiently Protected Credentials
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20
CVE-2022-34838
8.4 - High
- August 24, 2022
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user.
Insufficiently Protected Credentials
Vulnerabilities in the Drive Composer
CVE-2022-31216
7.8 - High
- June 15, 2022
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
insecure temporary file
Vulnerabilities in the Drive Composer
CVE-2022-31219
7.8 - High
- June 15, 2022
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
insecure temporary file
Vulnerabilities in the Drive Composer
CVE-2022-31218
7.8 - High
- June 15, 2022
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
insecure temporary file
Vulnerabilities in the Drive Composer
CVE-2022-31217
7.8 - High
- June 15, 2022
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
insecure temporary file
Vulnerabilities in the Mint WorkBench
CVE-2022-26057
7.8 - High
- June 15, 2022
Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Mint WorkBench installer file allows a low-privileged user to run a "repair" operation on the product
Improper Privilege Management
Incorrect Default Permissions vulnerability in ABB e-Design
CVE-2022-29483
7.8 - High
- June 02, 2022
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine.
Incorrect Default Permissions
Incorrect Default Permissions vulnerability in ABB e-Design
CVE-2022-28702
5.5 - Medium
- June 02, 2022
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine.
Incorrect Default Permissions
Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl
CVE-2021-22277
7.5 - High
- April 01, 2022
Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service.
Improper Input Validation
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code
CVE-2021-27416
5.4 - Medium
- March 11, 2022
An attacker could exploit this vulnerability in Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 by tricking a user to click on a link containing malicious code that would then be run by the web browser. This can result in the compromise of confidential information, or even the takeover of the users session.
XSS
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials.
CVE-2021-27414
6.1 - Medium
- March 11, 2022
An attacker could trick a user of Hitachi ABB Power Grids Ellipse Enterprise Asset Management (EAM) versions prior to and including 9.0.25 into visiting a malicious website posing as a login page for the Ellipse application and gather authentication credentials.
Clickjacking
Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M
CVE-2021-22284
8.8 - High
- February 04, 2022
Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server.
Incorrect Permission Assignment for Critical Resource
A certificate validation vulnerability in PCM600 Update Manager
CVE-2021-22278
6.7 - Medium
- October 28, 2021
A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed.
Improper Certificate Validation
The vulnerability origins in the commissioning process where an attacker of the ControlTouch
CVE-2021-22272
9.4 - Critical
- September 27, 2021
The vulnerability origins in the commissioning process where an attacker of the ControlTouch can enter a serial number in a specific way to transfer the device virtually into her/his my.busch-jaeger.de or mybuildings.abb.com profile. A successful attacker can observe and control a ControlTouch remotely under very specific circumstances. The issue is fixed in the cloud side of the system. No firmware update is needed for customer products. If a user wants to understand if (s)he is affected, please read the advisory. This issue affects: ABB and Busch-Jaeger, ControlTouch
A vulnerability in Base Software for SoftControl
CVE-2020-24672
9.8 - Critical
- September 08, 2021
A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary code in a computer running the affected product. This issue affects: .
Improper Input Validation
Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user credentials
CVE-2021-35527
7.5 - High
- July 14, 2021
Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user credentials that are stored by the browser. This issue affects: Hitachi ABB Power Grids eSOMS version 6.3 and prior versions.
Insufficiently Protected Credentials
Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS
CVE-2021-26845
7.5 - High
- June 14, 2021
Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. This issue affects: Hitachi ABB Power Grids eSOMS 6.0 versions prior to 6.0.4.2.2; 6.1 versions prior to 6.1.4; 6.3 versions prior to 6.3.
AuthZ
A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages
CVE-2020-24679
9.8 - Critical
- December 22, 2020
A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages. An attacker might use this flaw to make it crash or even execute arbitrary code on the machine where the service is hosted.
Improper Input Validation
In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks
CVE-2020-24676
7.8 - High
- December 22, 2020
In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs as.
An authenticated user might execute malicious code under the user context and take control of the system
CVE-2020-24678
8.8 - High
- December 22, 2020
An authenticated user might execute malicious code under the user context and take control of the system. S+ Operations or S+ Historian database is affected by multiple vulnerabilities such as the possibility to allow remote authenticated users to gain high privileges.
The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication
CVE-2020-24683
9.8 - Critical
- December 22, 2020
The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a connection. Therefore, if the network communication or endpoints for these applications are not protected, unauthorized actors can bypass authentication and make unauthorized connections to the server application.
Incorrect Resource Transfer Between Spheres
In S+ Operations and S+ Historian
CVE-2020-24680
7 - High
- December 22, 2020
In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.
Insufficiently Protected Credentials
Vulnerabilities in the S+ Operations and S+ Historian web applications
CVE-2020-24677
8.8 - High
- December 22, 2020
Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data.
Improper Check for Unusual or Exceptional Conditions
In S+ Operations and S+ History, it is possible
CVE-2020-24675
9.8 - Critical
- December 22, 2020
In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations History server (or standalone S+ History server) and ultimately write values to the controlled process.
authentification
In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected
CVE-2020-24674
8.8 - High
- December 22, 2020
In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but Unauthorized remote users could execute a Denial-of-Service (DoS) attack, execute arbitrary code, or obtain more privilege than intended on the machines.
AuthZ
In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data
CVE-2020-24673
9.8 - Critical
- December 22, 2020
In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. This can lead to a loss of confidentiality and data integrity or even affect the product behavior and its availability.
SQL Injection
Insufficient protection of the inter-process communication functions in ABB System 800xA for MOD 300 (all published versions) enables an attacker authenticated on the local system to inject data
CVE-2020-8485
7.8 - High
- April 29, 2020
Insufficient protection of the inter-process communication functions in ABB System 800xA for MOD 300 (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash.
For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, ABB AbilityTM SCADAvantage versions 5.1 to 5.6.5, a weakness in validation of input exists
CVE-2020-8476
7.5 - High
- April 29, 2020
For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, ABB AbilityTM SCADAvantage versions 5.1 to 5.6.5, a weakness in validation of input exists that allows an attacker to alter licenses assigned to the system nodes by sending specially crafted messages to the CLS web service.
Improper Input Validation
Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data
CVE-2020-8486
7.8 - High
- April 29, 2020
Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.
Insufficient protection of the inter-process communication functions in ABB System 800xA Base (all published versions) enables an attacker authenticated on the local system to inject data
CVE-2020-8487
7.8 - High
- April 29, 2020
Insufficient protection of the inter-process communication functions in ABB System 800xA Base (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.
Insufficient protection of the inter-process communication functions in ABB System 800xA Batch Management (all published versions) enables an attacker authenticated on the local system to inject data
CVE-2020-8488
7.8 - High
- April 29, 2020
Insufficient protection of the inter-process communication functions in ABB System 800xA Batch Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting User Interface update during batch execution and/or compare/printing functionalities.
Insufficient protection of the inter-process communication functions in ABB System 800xA Information Management (all published versions) enables an attacker authenticated on the local system to inject data
CVE-2020-8489
7.8 - High
- April 29, 2020
Insufficient protection of the inter-process communication functions in ABB System 800xA Information Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting the runtime values to be stored in the archive, or making Information Management history services unavailable.
Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI (all published versions) enables an attacker authenticated on the local system to inject data
CVE-2020-8484
7.8 - High
- April 29, 2020
Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash.
For ABB products ABB Ability System 800xA and related system extensions versions 5.1
CVE-2020-8481
9.8 - Critical
- April 29, 2020
For ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, confidential data is written in an unprotected file. An attacker who successfully exploited this vulnerability could take full control of the computer.
Insecure Storage of Sensitive Information
For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1
CVE-2020-8479
9.8 - Critical
- April 29, 2020
For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, ABB AbilityTM SCADAvantage versions 5.1 to 5.6.5. an XML External Entity Injection vulnerability exists that allows an attacker to read or call arbitrary files from the license server and/or from the network and also block the license handling.
aka Blind XPath Injection
Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M
CVE-2020-8478
3.3 - Low
- April 29, 2020
Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local system to inject data, affecting the online view of runtime data shown in Control Builder.
Injection
For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, weak file permissions
CVE-2020-8471
7.8 - High
- April 29, 2020
For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, weak file permissions allow an authenticated attacker to block the license handling, escalate his/her privileges and execute arbitrary code.
Incorrect Default Permissions
For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, ABB AbilityTM SCADAvantage versions 5.1 to 5.6.5, a weakness in validation of input exists
CVE-2020-8475
7.5 - High
- April 29, 2020
For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, ABB AbilityTM SCADAvantage versions 5.1 to 5.6.5, a weakness in validation of input exists that allows an attacker to block license handling by sending specially crafted messages to the CLS web service.
Improper Input Validation
Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier)
CVE-2020-8472
7.8 - High
- April 29, 2020
Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploited the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications.
Incorrect Permission Assignment for Critical Resource
Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and earlier)
CVE-2020-8473
7.8 - High
- April 29, 2020
Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications.
Incorrect Permission Assignment for Critical Resource
The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component
CVE-2020-8477
8.8 - High
- April 22, 2020
The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an authenticated local user, which might lead to execution of arbitrary code.
XSS
Weak Registry permissions in ABB System 800xA Base
CVE-2020-8474
7.8 - High
- April 22, 2020
Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction.
Improper Privilege Management
ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers
CVE-2019-19097
7.5 - High
- April 02, 2020
ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection.
Inadequate Encryption Strength
The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text
CVE-2019-19096
6.1 - Medium
- April 02, 2020
The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality.
Insufficiently Protected Credentials
For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response
CVE-2019-19000
6.5 - Medium
- April 02, 2020
For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information.
Information Disclosure
For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response
CVE-2019-19001
6.5 - Medium
- April 02, 2020
For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. This can potentially allow 'ClickJacking' attacks where an attacker can frame parts of the application on a malicious web site, revealing sensitive user information such as authentication credentials.
Clickjacking
For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server
CVE-2019-19002
5.4 - Medium
- April 02, 2020
For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might increase the risk of Cross Site Scripting.
XSS
For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set
CVE-2019-19003
6.1 - Medium
- April 02, 2020
For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. This can allow Javascript to access the cookie contents, which in turn might enable Cross Site Scripting.
XSS
For ABB eSOMS versions 4.0 to 6.0.3
CVE-2019-19089
6.1 - Medium
- April 02, 2020
For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as different content type other than declared. A possible attack scenario would be unauthorized code execution via text interpreted as JavaScript.
Code Injection
For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header
CVE-2019-19090
3.5 - Low
- April 02, 2020
For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping.
Missing Encryption of Sensitive Data
For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application
CVE-2019-19091
4.3 - Medium
- April 02, 2020
For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detail information to specifically craft the attack.
Information Disclosure
ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC)
CVE-2019-19092
3.5 - Low
- April 02, 2020
ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed.
Missing Authentication for Critical Function
eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings
CVE-2019-19093
6.5 - Medium
- April 02, 2020
eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in lower access security due to insecure user passwords.
Weak Password Requirements
Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might
CVE-2019-19094
7.6 - High
- April 02, 2020
Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might allow an attacker SQL injection attacks against the backend database.
SQL Injection
Lack of adequate input/output validation for ABB eSOMS versions 4.0 to 6.0.2 might
CVE-2019-19095
5.4 - Medium
- April 02, 2020
Lack of adequate input/output validation for ABB eSOMS versions 4.0 to 6.0.2 might allow an attacker to attack such as stored cross-site scripting by storing malicious content in the database.
XSS
Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3
CVE-2019-18998
7.1 - High
- February 17, 2020
Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4 prior to 9.4.2.6, 9.5 prior to 9.5.3.2 and 9.6.0 enables full access to directly referenced objects. An attacker with knowledge of a resource's URL can access the resource directly.
Insecure Direct Object Reference / IDOR
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file
CVE-2019-18997
7.5 - High
- December 18, 2019
The HMISimulator component of ABB PB610 Panel Builder 600 uses the readFile/writeFile interface to manipulate the work file. Path configuration in PB610 HMISimulator versions 2.8.0.424 and earlier potentially allows access to files outside of the working directory, thus potentially supporting unauthorized file access.
AuthZ
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially
CVE-2019-18996
7.8 - High
- December 18, 2019
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the applications context.
Untrusted Path
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service
CVE-2019-18995
5.3 - Medium
- December 18, 2019
The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier fails to validate the content-length field for HTTP requests, exposing HMISimulator to denial of service via crafted HTTP requests manipulating the content-length setting.
Improper Input Validation
Due to a lack of file length check
CVE-2019-18994
6.5 - Medium
- December 18, 2019
Due to a lack of file length check, the HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier crashes when trying to load an empty *.JPR application file. An attacker with access to the file system might be able to cause application malfunction such as denial of service.
Improper Input Validation
In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may
CVE-2019-18250
9.8 - Critical
- November 26, 2019
In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an attacker to remotely bypass authentication and extract credentials from the affected device.
authentification
The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process
CVE-2019-7229
8.3 - High
- June 24, 2019
The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB Panel Builder 600 over FTP." Neither of these transmission methods implements any form of encryption or authenticity checks against the new firmware HMI software binary files.
Download of Code Without Integrity Check
ABB eSOMS version 6.0.2 may
CVE-2018-14805
9.8 - Critical
- August 29, 2018
ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present. Both conditions are required to exploit this vulnerability.
authentification
ABB Panel Builder 800 all versions has an improper input validation vulnerability which may
CVE-2018-10616
7.8 - High
- July 18, 2018
ABB Panel Builder 800 all versions has an improper input validation vulnerability which may allow an attacker to insert and run arbitrary code on a computer where the affected product is used.
Improper Input Validation
An Information Exposure issue was discovered in ABB netCADOPS Web Application Version 3.4 and prior
CVE-2018-5477
5.8 - Medium
- February 20, 2018
An Information Exposure issue was discovered in ABB netCADOPS Web Application Version 3.4 and prior, netCADOPS Web Application Version 7.1 and prior, netCADOPS Web Application Version 7.2x and prior, netCADOPS Web Application Version 8.0 and prior, and netCADOPS Web Application Version 8.1 and prior. A vulnerability exists in the password entry section of netCADOPS Web Application that may expose critical database information.
Information Disclosure