CVE-2020-8486 - Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all p

CVE-2020-8486

Summary

Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling.

References

https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch

Vulnerable Configurations

cpe:2.3:a:abb:800xa_rnrp:*:*:*:*:*:*:*:*
cpe:2.3:a:abb:800xa_rnrp:*:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 07-05-2020 - 21:05)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

confirm

https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch

Last major update

07-05-2020 - 21:05

Published

29-04-2020 - 02:15

Last modified

07-05-2020 - 21:05