{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2020-11640", "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "state": "PUBLISHED", "assignerShortName": "ABB", "dateReserved": "2020-04-08T00:00:00.000Z", "datePublished": "2024-07-23T17:36:51.458Z", "dateUpdated": "2024-08-04T11:35:13.681Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Advant MOD 300 AdvaBuild", "vendor": "ABB", "versions": [{"lessThanOrEqual": "3.7 SP2", "status": "affected", "version": "3.0", "versionType": "update"}]}], "datePublic": "2024-07-22T17:33:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nAdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.&nbsp;<br><br>Improper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.<p>This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.</p>"}], "value": "AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.\u00a0\n\nImproper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "shortName": "ABB", "dateUpdated": "2024-07-23T17:36:51.458Z"}, "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service\naccounts.\n\n<br>\n\nPlease note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where\nAdvaBuild is used.\n<br><br>All the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021.\n<br><br>ABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the \u201cMitigating factors\u201d listed below as this will\nrestrict or prevent an attacker\u2019s ability to compromise the system.\n\n<br>"}], "value": "ABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service\naccounts.\n\n\n\n\nPlease note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where\nAdvaBuild is used.\n\n\nAll the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021.\n\n\nABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the \u201cMitigating factors\u201d listed below as this will\nrestrict or prevent an attacker\u2019s ability to compromise the system."}], "source": {"discovery": "UNKNOWN"}, "title": "Elevation of Privilege", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "abb", "product": "advabuild", "cpes": ["cpe:2.3:a:abb:advabuild:*:*:*:*:*:*:mod_300:*"], "defaultStatus": "unknown", "versions": [{"version": "3.0", "status": "affected", "lessThanOrEqual": "3.7sp2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-23T18:09:49.474898Z", "id": "CVE-2020-11640", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-24T19:00:53.120Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:35:13.681Z"}, "title": "CVE Program Container", "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:35:13.681Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2020-11640", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-23T18:09:49.474898Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:abb:advabuild:*:*:*:*:*:*:mod_300:*"], "vendor": "abb", "product": "advabuild", "versions": [{"status": "affected", "version": "3.0", "versionType": "custom", "lessThanOrEqual": "3.7sp2"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-23T18:48:23.721Z"}}], "cna": {"title": "Elevation of Privilege", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ABB", "product": "Advant MOD 300 AdvaBuild", "versions": [{"status": "affected", "version": "3.0", "versionType": "update", "lessThanOrEqual": "3.7 SP2"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "ABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service\naccounts.\n\n\n\n\nPlease note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where\nAdvaBuild is used.\n\n\nAll the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021.\n\n\nABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the \u201cMitigating factors\u201d listed below as this will\nrestrict or prevent an attacker\u2019s ability to compromise the system.", "supportingMedia": [{"type": "text/html", "value": "\n\nABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service\naccounts.\n\n<br>\n\nPlease note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where\nAdvaBuild is used.\n<br><br>All the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021.\n<br><br>ABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the \u201cMitigating factors\u201d listed below as this will\nrestrict or prevent an attacker\u2019s ability to compromise the system.\n\n<br>", "base64": false}]}], "datePublic": "2024-07-22T17:33:00.000Z", "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.\u00a0\n\nImproper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.", "supportingMedia": [{"type": "text/html", "value": "\n\nAdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.&nbsp;<br><br>Improper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.<p>This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "shortName": "ABB", "dateUpdated": "2024-07-23T17:36:51.458Z"}}}, "cveMetadata": {"cveId": "CVE-2020-11640", "state": "PUBLISHED", "dateUpdated": "2024-08-04T11:35:13.681Z", "dateReserved": "2020-04-08T00:00:00.000Z", "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "datePublished": "2024-07-23T17:36:51.458Z", "assignerShortName": "ABB"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.\u00a0\n\nImproper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2."}, {"lang": "es", "value": "AdvaBuild utiliza una cola de comandos para iniciar determinadas operaciones. Un atacante que obtenga acceso a la cola de comandos puede usarla para lanzar un ataque ejecutando cualquier ejecutable en el nodo AdvaBuild. Los ejecutables que se pueden ejecutar no se limitan a ejecutables espec\u00edficos de AdvaBuild. Vulnerabilidad de gesti\u00f3n de privilegios inadecuada en ABB Advant MOD 300 AdvaBuild. Este problema afecta a Advant MOD 300 AdvaBuild: desde 3.0 hasta 3.7 SP2."}], "id": "CVE-2020-11640", "lastModified": "2024-11-21T04:58:18.270", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "cybersecurity@ch.abb.com", "type": "Secondary"}]}, "published": "2024-07-23T18:15:05.083", "references": [{"source": "cybersecurity@ch.abb.com", "url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177"}], "sourceIdentifier": "cybersecurity@ch.abb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "cybersecurity@ch.abb.com", "type": "Secondary"}]}

{}