admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-246xx/CVE-2020-24685.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

162 lines
5.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-24685",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2021-02-09T04:15:14.393",
"lastModified": "2024-11-21T05:15:46.830",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated specially crafted packet sent by an attacker over the network will cause a denial-of-service (DoS) vulnerability. Vulnerability allows attacker to stop the PLC. After stopping (ERR LED flashing red), physical access to the PLC is required in order to restart the application. This issue affects: ABB AC500 V2 products with onboard Ethernet version 2.8.4 and prior versions."
},
{
"lang": "es",
"value": "Un paquete no autenticado especialmente dise\u00f1ado y enviado por un atacante a trav\u00e9s de la red causar\u00e1 una vulnerabilidad de denegaci\u00f3n de servicio (DoS). Una vulnerabilidad permite a un atacante detener el PLC. Despu\u00e9s de detenerse (LED ERR parpadeando en rojo), es requerido acceso f\u00edsico al PLC para reiniciar la aplicaci\u00f3n. Este problema afecta a: Productos ABB AC500 V2 con Ethernet integrado versi\u00f3n 2.8.4 d y anteriores"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@ch.abb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cybersecurity@ch.abb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-789"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:ac500_cpu_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.8.5",
"matchCriteriaId": "A6EEF8FD-379B-4D13-985D-A812C6627CE7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:pm573-eth:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E50EDB62-28E9-42DB-A6D5-8F08050FD882"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:pm583-eth:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEC2866-83F4-4546-9B1D-395E0AA0B2F1"
}
]
}
]
}
],
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010667&LanguageCode=en&DocumentPartId=&Action=Launch",
"source": "cybersecurity@ch.abb.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR010667&LanguageCode=en&DocumentPartId=&Action=Launch",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink