In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs as.
References
Link | Resource |
---|---|
https://search.abb.com/library/Download.aspx?DocumentID=2PAA123980&LanguageCode=en&DocumentPartId=&Action=Launch | Mitigation Vendor Advisory |
https://search.abb.com/library/Download.aspx?DocumentID=2PAA123982&LanguageCode=en&DocumentPartId=&Action=Launch | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ABB
Published: 2020-12-15T00:00:00
Updated: 2020-12-22T21:15:22
Reserved: 2020-08-26T00:00:00
Link: CVE-2020-24676
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-12-22T22:15:13.333
Modified: 2021-09-14T15:23:58.643
Link: CVE-2020-24676
JSON object: View
Redhat Information
No data.