Resource exhaustion in Abb Ac500 V2 Products With Onboard Ethernet
CVE-2020-24686
The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond, leading to genuine users losing remote visibility of the PLC state. If a user attempts to login to the PLC while this vulnera…
Vulnerability class: DoS (Denial of Service)
EPSS: 0.014 (69.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.
Affected products
Weakness classification (CWE)
References
- cybersecurity@ch.abb.com (x_refsource_CONFIRM, Vendor Advisory)
Frequently asked questions
- What is CVE-2020-24686?
- CVE-2020-24686 is a high-severity vulnerability in Abb Ac500 V2 Products With Onboard Ethernet, classified under Uncontrolled Resource Consumption. CVSS score: 7.5/10. Published 2021-02-26.
- How severe is CVE-2020-24686?
- High severity. CVSS v3 base score is 7.5 out of 10.