What is CVE-2020-24676?

CVE-2020-24676 is a high-severity vulnerability in Abb Ability™ Symphony® Plus Historian, classified under Improper Handling of Insufficient Privileges. CVSS score: 7.8/10. Published 2020-12-22.

How severe is CVE-2020-24676?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Abb Ability™ Symphony® Plus Historian

CVE-2020-24676

In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending o…

EPSS: 0.000 (13.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Abb Ability™ Symphony® Plus Historian — versions unspecified
Abb Ability™ Symphony® Plus Operations — versions unspecified

Weakness classification (CWE)

CWE-274 — Improper Handling of Insufficient Privileges

References

search.abb.com/library/Download.aspx (x_refsource_MISC)
search.abb.com/library/Download.aspx (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-24676?: CVE-2020-24676 is a high-severity vulnerability in Abb Ability™ Symphony® Plus Historian, classified under Improper Handling of Insufficient Privileges. CVSS score: 7.8/10. Published 2020-12-22.
How severe is CVE-2020-24676?: High severity. CVSS v3 base score is 7.8 out of 10.