CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10334 – Camera passwords stored in clear text
https://notcve.org/view.php?id=CVE-2024-10334
10 Feb 2025 — A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used. An attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed. This issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X. A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used. An attacker who successfully exploited the v... • https://search.abb.com/library/Download.aspx?DocumentID=7PAA012159&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-256: Plaintext Storage of a Password •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-0010 – QCS 800xA Vulnerability identified in system log files
https://notcve.org/view.php?id=CVE-2022-0010
22 May 2023 — Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools. An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. Using this information, the attacker could have the potential to exploit this vulnerability to gain control of system nodes. This issue affects QCS 800xA: from 1.0;0 through 6.1SP2; QCS AC450: from 1.0;0 through 5.1SP2; Platform Engineering Tools: from 1.0:0... • https://search.abb.com/library/Download.aspx?DocumentID=3BUS221709&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.108646530.1437951308.1684739395-1142547495.1678209228 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2021-22277 – AC 800M MMS - Denial of Service vulnerability in MMS communication
https://notcve.org/view.php?id=CVE-2021-22277
01 Apr 2022 — Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service. Una vulnerabilidad de comprobación de entrada inapropiada en ABB 800xA, Software de control para AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl permite a un atacante causar la denegación de servicio • https://search.abb.com/library/Download.aspx?DocumentID=7PAA001499&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8489 – ABB System 800xA Inter process communication vulnerability - 800xA Information Management
https://notcve.org/view.php?id=CVE-2020-8489
29 Apr 2020 — Insufficient protection of the inter-process communication functions in ABB System 800xA Information Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting the runtime values to be stored in the archive, or making Information Management history services unavailable. Una protección insuficiente de las funciones de comunicación entre procesos en ABB System 800xA Information Management (todas las versiones publicadas), permite a un atacante autentica... • https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8488 – ABB System 800xA Inter process communication vulnerability - 800xA Batch Management
https://notcve.org/view.php?id=CVE-2020-8488
29 Apr 2020 — Insufficient protection of the inter-process communication functions in ABB System 800xA Batch Management (all published versions) enables an attacker authenticated on the local system to inject data, affecting User Interface update during batch execution and/or compare/printing functionalities. Una protección insuficiente de las funciones de comunicación entre procesos en ABB System 800xA Batch Management (todas las versiones publicadas), permite a un atacante autenticado en el sistema local inyectar datos... • https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8487 – ABB System 800xA Inter process communication vulnerability - System 800xA Base
https://notcve.org/view.php?id=CVE-2020-8487
29 Apr 2020 — Insufficient protection of the inter-process communication functions in ABB System 800xA Base (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling. Una protección insuficiente de las funciones de comunicación entre procesos en ABB System 800xA Base (todas las versiones publicadas), permite a un atacante autenticado en el sistema local inyectar datos, afectando al manejo de la redundancia de nodos. • https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8486 – ABB System 800xA Inter process communication vulnerability - 800xA RNRP
https://notcve.org/view.php?id=CVE-2020-8486
29 Apr 2020 — Insufficient protection of the inter-process communication functions in ABB System 800xA RNRP (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling. Una protección insuficiente de las funciones de comunicación entre procesos en ABB System 800xA RNRP (todas las versiones publicadas), permite a un atacante autentificado en el sistema local inyectar datos, afectando al manejo de la redundancia de nodos. • https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8485 – ABB System 800xA Inter process communication vulnerability - 800xA for Mod 300
https://notcve.org/view.php?id=CVE-2020-8485
29 Apr 2020 — Insufficient protection of the inter-process communication functions in ABB System 800xA for MOD 300 (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash. Una protección insuficiente de las funciones de comunicación entre procesos en ABB System 800xA para MOD 300 (todas las versiones publicadas), permite a un atacante autentificado en el sistema local inyectar datos, permitiendo leer y ... • https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8484 – ABB System 800xA Inter process communication vulnerability - 800xA for DCI
https://notcve.org/view.php?id=CVE-2020-8484
29 Apr 2020 — Insufficient protection of the inter-process communication functions in ABB System 800xA for DCI (all published versions) enables an attacker authenticated on the local system to inject data, allowing reads and writes to the controllers or cause windows processes to crash. Una protección insuficiente de las funciones de comunicación entre procesos en ABB System 800xA para DCI (todas las versiones publicadas), permite a un atacante autentificado en el sistema local inyectar datos, permitiendo leer y escribir... • https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8481 – ABB Central Licensing System - Information disclosure
https://notcve.org/view.php?id=CVE-2020-8481
29 Apr 2020 — For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Ser... • https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-922: Insecure Storage of Sensitive Information •