CVE-2020-11639

CVSS V2 None CVSS V3 None

Description

An attacker could exploit the vulnerability by injecting garbage data or specially crafted data. Depending on the data injected each process might be affected differently. The process could crash or cause communication issues on the affected node, effectively causing a denial-of-service attack. The attacker could tamper with the data transmitted, causing the product to store wrong information or act on wrong data or display wrong information. This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2. For an attack to be successful, the attacker must have local access to a node in the system and be able to start a specially crafted application that disrupts the communication. An attacker who successfully exploited the vulnerability would be able to manipulate the data in such way as allowing reads and writes to the controllers or cause Windows processes in 800xA for MOD 300 and AdvaBuild to crash.

Overview

CVE ID
CVE-2020-11639

Assigner
ABB

Vulnerability Status
PUBLISHED

Published Version
2024-07-23T17:26:55.489Z

Last Modified Date
2024-07-23T19:10:57.887Z

Weakness Enumerations

CWE	URL
CWE-924	http://cwe.mitre.org/data/definitions/924.html

References

Reference URL	Reference Tags
https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2020-11639
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11639

History

Created	Old Value	New Value	Data Type	Notes
2024-07-24 12:01:09				Added to TrackCVE