CVE-2020-24677 – Insecure Web Service in Symphony Plus
https://notcve.org/view.php?id=CVE-2020-24677
Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to possible code execution and privilege escalation, redirection of the user to another location, or download of unwanted data.
• https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch
• https://search.abb.com/library/Download.aspx?DocumentID=2PAA123982&LanguageCode=en&DocumentPartId=&Action=Launch
• CWE-754: Improper Check for Unusual or Exceptional Conditions
CVE-2020-24676 – Insecure Windows Services in Symphony Plus
https://notcve.org/view.php?id=CVE-2020-24676
In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code, resulting in privilege escalation, depending on the user that the service runs as.
• https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch
• https://search.abb.com/library/Download.aspx?DocumentID=2PAA123982&LanguageCode=en&DocumentPartId=&Action=Launch
• CWE-274: Improper Handling of Insufficient Privileges
CVE-2020-24678 – Potential Privilege Escalation in Symphony Plus
https://notcve.org/view.php?id=CVE-2020-24678
An authenticated user might execute malicious code under the user context and take control of the system. The S+ Operations or S+ Historian database is affected by multiple vulnerabilities, such as the possibility of allowing remote authenticated users to gain high privileges.
• https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch
• https://search.abb.com/library/Download.aspx?DocumentID=2PAA123982&LanguageCode=en&DocumentPartId=&Action=Launch
• CWE-269: Improper Privilege Management
CVE-2020-10287 – RVD#3326: Hardcoded default credentials on IRC 5 OPC Server
https://notcve.org/view.php?id=CVE-2020-10287
The IRC5 family with UAS service enabled comes by default with credentials that can be found in publicly available manuals. ABB considers this a well-documented functionality that helps customers set up; however, in our research we found multiple production systems running these exact default credentials and therefore consider this an exposure that should be mitigated. Moreover, future deployments should consider that these defaults should be forbidden (users should be forced to change them).
• https://github.com/aliasrobotics/RVD/issues/3326
• CWE-255: Credentials Management Errors
• CWE-522: Insufficiently Protected Credentials
CVE-2020-10288 – RVD#3327: No authentication required for accessing ABB IRC5 FTP server
https://notcve.org/view.php?id=CVE-2020-10288
IRC5 exposes an FTP server (port 21). Upon attempting to gain access, you are challenged with a request for a username and password; however, you can input whatever you like. As long as the field isn't empty, it will be accepted.
• https://github.com/aliasrobotics/RVD/issues/3327
• CWE-284: Improper Access Control
• CWE-287: Improper Authentication