Vulnerability Details CVE-2020-24679
A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages. An attacker might use this flaw to make it crash or even execute arbitrary code on the machine where the service is hosted.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 10.0
References
- https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch
- https://search.abb.com/library/Download.aspx?DocumentID=2PAA123982&LanguageCode=en&DocumentPartId=&Action=Launch
- https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch
- https://search.abb.com/library/Download.aspx?DocumentID=2PAA123982&LanguageCode=en&DocumentPartId=&Action=Launch
Products affected by CVE-2020-24679
-
cpe:2.3:a:abb:symphony_+_historian:3.0
-
cpe:2.3:a:abb:symphony_+_historian:3.1
-
cpe:2.3:a:abb:symphony_+_operations:1.1
-
cpe:2.3:a:abb:symphony_+_operations:2.0
-
cpe:2.3:a:abb:symphony_+_operations:2.1
-
cpe:2.3:a:abb:symphony_+_operations:3.0
-
cpe:2.3:a:abb:symphony_+_operations:3.1
-
cpe:2.3:a:abb:symphony_+_operations:3.2
-
cpe:2.3:a:abb:symphony_+_operations:3.3