github - ghsa-6mjp-g2rf-hh5w

ghsa-6mjp-g2rf-hh5w

Vulnerability from github

Published

2024-07-23 18:31

Modified

2024-07-23 18:31

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the command queue can use it to launch an attack by running any executable on the AdvaBuild node. The executables that can be run are not limited to AdvaBuild specific executables.

Improper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-11640"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-23T18:15:05Z",
    "severity": "HIGH"
  },
  "details": "AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.\u00a0\n\nImproper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.",
  "id": "GHSA-6mjp-g2rf-hh5w",
  "modified": "2024-07-23T18:31:07Z",
  "published": "2024-07-23T18:31:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11640"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.200044199.882581162.1721753430-284724496.1718609177"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2020-11640 (GCVE-0-2020-11640)

Vulnerability from cvelistv5

Published

2024-07-23 17:36

Modified

2024-08-04 11:35

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-269 - Improper Privilege Management

Summary

AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the command queue can use it to launch an attack by running any executable on the AdvaBuild node. The executables that can be run are not limited to AdvaBuild specific executables. Improper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.

References

►

URL

Tags

https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177

Impacted products

	Vendor	Product	Version
	ABB	Advant MOD 300 AdvaBuild	Version: 3.0

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:abb:advabuild:*:*:*:*:*:*:mod_300:*"
            ],
            "defaultStatus": "unknown",
            "product": "advabuild",
            "vendor": "abb",
            "versions": [
              {
                "lessThanOrEqual": "3.7sp2",
                "status": "affected",
                "version": "3.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-11640",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-23T18:09:49.474898Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-24T19:00:53.120Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T11:35:13.681Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.200044199.882581162.1721753430-284724496.1718609177"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Advant MOD 300 AdvaBuild",
          "vendor": "ABB",
          "versions": [
            {
              "lessThanOrEqual": "3.7 SP2",
              "status": "affected",
              "version": "3.0",
              "versionType": "update"
            }
          ]
        }
      ],
      "datePublic": "2024-07-22T17:33:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nAdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.\u0026nbsp;\u003cbr\u003e\u003cbr\u003eImproper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.\u003cp\u003eThis issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.\u003c/p\u003e"
            }
          ],
          "value": "AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.\u00a0\n\nImproper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-23T17:36:51.458Z",
        "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
        "shortName": "ABB"
      },
      "references": [
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.200044199.882581162.1721753430-284724496.1718609177"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service\naccounts.\n\n\u003cbr\u003e\n\nPlease note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where\nAdvaBuild is used.\n\u003cbr\u003e\u003cbr\u003eAll the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021.\n\u003cbr\u003e\u003cbr\u003eABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the \u201cMitigating factors\u201d listed below as this will\nrestrict or prevent an attacker\u2019s ability to compromise the system.\n\n\u003cbr\u003e"
            }
          ],
          "value": "ABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service\naccounts.\n\n\n\n\nPlease note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where\nAdvaBuild is used.\n\n\nAll the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021.\n\n\nABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the \u201cMitigating factors\u201d listed below as this will\nrestrict or prevent an attacker\u2019s ability to compromise the system."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Elevation of Privilege",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
    "assignerShortName": "ABB",
    "cveId": "CVE-2020-11640",
    "datePublished": "2024-07-23T17:36:51.458Z",
    "dateReserved": "2020-04-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T11:35:13.681Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.