Resource exhaustion in Abb Ac500 V2 Products With Onboard Ethernet

CVE-2020-24686

The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond, leading to genuine users losing remote visibility of the PLC state. If a user attempts to login to the PLC while this vulnera…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.014 (69.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2020-24686?
CVE-2020-24686 is a high-severity vulnerability in Abb Ac500 V2 Products With Onboard Ethernet, classified under Uncontrolled Resource Consumption. CVSS score: 7.5/10. Published 2021-02-26.
How severe is CVE-2020-24686?
High severity. CVSS v3 base score is 7.5 out of 10.