An attacker could exploit the vulnerability by
injecting garbage data or specially crafted data. Depending on the data injected each process might be
affected differently. The process could crash or cause communication issues on the affected node, effectively causing a denial-of-service attack. The attacker could tamper with the data transmitted, causing
the product to store wrong information or act on wrong data or display wrong information.
This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.
For an attack to be successful, the attacker must have local access to a node in the system and be able to
start a specially crafted application that disrupts the communication.
An attacker who successfully exploited the vulnerability would be able to manipulate the data in such
way as allowing reads and writes to the controllers or cause Windows processes in 800xA for MOD 300
and AdvaBuild to crash.
References
Configurations
No configuration.
History
21 Nov 2024, 04:58
Type | Values Removed | Values Added |
---|---|---|
References | () https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177 - |
24 Jul 2024, 12:55
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
23 Jul 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-23 18:15
Updated : 2024-11-21 04:58
NVD link : CVE-2020-11639
Mitre link : CVE-2020-11639
CVE.ORG link : CVE-2020-11639
JSON object : View
Products Affected
No product.
CWE
CWE-924
Improper Enforcement of Message Integrity During Transmission in a Communication Channel