{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T23:48:46.110","vulnerabilities":[{"cve":{"id":"CVE-2020-8476","sourceIdentifier":"cybersecurity@ch.abb.com","published":"2020-04-29T02:15:11.687","lastModified":"2024-11-21T05:38:54.843","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, ABB AbilityTM SCADAvantage versions 5.1 to 5.6.5, a weakness in validation of input exists that allows an attacker to alter licenses assigned to the system nodes by sending specially crafted messages to the CLS web service."},{"lang":"es","value":"Para el componente Central Licensing Server utilizado en los productos ABB Ability™ System 800xA y las extensiones del sistema relacionadas, versiones 5.1, 6.0 y 6.1, Compact HMI versiones 5.1 y 6.0, Control Builder Safe 1.0, 1.1 y 2.0, Symphony Plus -S+ Operations 3.0 a 3. 2 Symphony Plus -S+ Engineering 1.1 a 2.2, Composer Harmony 5.1, 6.0 y 6.1, Melody Composer 5.3, 6.1/6.2 y SPE para Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 y 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1. 3 y 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 y 6.1, Composer CTK 6.1 y 6.2, AdvaBuild 3.7 SP1 y SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 y 2.2, Knowledge Manager 8.0, 9.0 y 9. 1, Manufacturing Operations Management 1812 y 1909, ABB AbilityTM SCADAvantage versiones 5.1 a 5.6.5, existe una debilidad en la validación de la entrada que permite a un atacante alterar las licencias asignadas a los nodos del sistema enviando mensajes especialmente diseñados al servicio web CLS"}],"metrics":{"cvssMetricV31":[{"source":"cybersecurity@ch.abb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cybersecurity@ch.abb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:5.1:-:*:*:*:*:*:*","matchCriteriaId":"342DDBC9-9FD6-4B34-AE9D-570173A28ECE"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:5.1:feature_pack_4:*:*:*:*:*:*","matchCriteriaId":"1A050979-A994-49BD-9B8A-2CE8D1A21E1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:5.1:feature_pack_4_revision_d:*:*:*:*:*:*","matchCriteriaId":"12AEB479-DF30-4E2E-A384-0420176B7DDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:5.1:revision_a:*:*:*:*:*:*","matchCriteriaId":"5BF8C28D-4058-47E2-B540-7CA70702D659"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:5.1:revision_b:*:*:*:*:*:*","matchCriteriaId":"81955875-0A94-45A7-B006-976555BAAA4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:5.1:revision_c:*:*:*:*:*:*","matchCriteriaId":"E2F9226C-1D0B-42FC-AF3D-7C887B1B4CB9"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:5.1:revision_d:*:*:*:*:*:*","matchCriteriaId":"77831051-E99E-48D3-8064-8F46FDB1D8B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:5.1:revision_e:*:*:*:*:*:*","matchCriteriaId":"1599944B-B135-4749-99D3-67A0A57D391B"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:5.1:revision_e_feature_pack_4:*:*:*:*:*:*","matchCriteriaId":"0BD664F9-E4EF-4470-9D28-724769D725CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:6.0:*:*:*:*:*:*:*","matchCriteriaId":"CA233139-3C36-4FAC-8C00-07C2993CE76D"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:6.0.1:*:*:*:*:*:*:*","matchCriteriaId":"C9BF94DB-5305-4377-839B-F881EE66E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:6.0.3:*:*:*:*:*:*:*","matchCriteriaId":"8BD4D1B8-27CE-46AC-ABD0-1D8450CB07EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:6.0.3.3:*:*:*:*:*:*:*","matchCriteriaId":"45C9941D-F127-40A1-BFA4-C8D243465C4B"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:800xa_system:6.1:*:*:*:*:*:*:*","matchCriteriaId":"ADABF9B1-0CD4-45D5-8A27-62ADB848718A"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:compact_hmi:5.1:-:*:*:*:*:*:*","matchCriteriaId":"DBAA8BAB-F7D7-41EF-9011-211BB060915E"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:compact_hmi:5.1:feature_pack_4_revision_d:*:*:*:*:*:*","matchCriteriaId":"8F8C8D8B-3DD2-4269-A151-6575D81E0853"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:compact_hmi:5.1:revision_b:*:*:*:*:*:*","matchCriteriaId":"80C9557B-25E2-49E7-9CC0-646B9F1613B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:compact_hmi:5.1:revision_d:*:*:*:*:*:*","matchCriteriaId":"51D26A7F-A97A-4A5E-B5CC-7DEAD57F8205"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:compact_hmi:6.0.1-1:*:*:*:*:*:*:*","matchCriteriaId":"98DF36B0-B85E-474E-889A-BD7B5E6918FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:compact_hmi:6.0.3-2:*:*:*:*:*:*:*","matchCriteriaId":"42CCE362-2A91-4199-8D52-F24EFFA7C33C"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:control_builder_safe:1.0:*:*:*:*:*:*:*","matchCriteriaId":"8BDC5CDB-084E-43D8-8B3A-44081046BEC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:control_builder_safe:1.1:*:*:*:*:*:*:*","matchCriteriaId":"27E57B1E-19DE-4FA4-8E44-39E9DCE1AAC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:abb:control_builder_safe:2.0:*:*:*:*:*:*:*","matchCriteriaId":"CB9438BF-271C-4BAC-B10E-1142E3CE8A02"}]}]}],"references":[{"url":"https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch","source":"cybersecurity@ch.abb.com","tags":["Vendor Advisory"]},{"url":"https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch","source":"cybersecurity@ch.abb.com","tags":["Vendor Advisory"]},{"url":"https://search.abb.com/library/Download.aspx?DocumentID=3CCA2020-003309&LanguageCode=en&DocumentPartId=&Action=Launch","source":"cybersecurity@ch.abb.com"},{"url":"https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://search.abb.com/library/Download.aspx?DocumentID=3CCA2020-003309&LanguageCode=en&DocumentPartId=&Action=Launch","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}