The official site for Saudi CERT
ABB Updates
3367
Warning Date
Severity Level
Warning Number
Target Sector
3 June, 2020
● High
2020-1309
Energy - Water and Utilities - Manufacturing - Other
Description:
ABB has released security updates to address vulnerabilities in the following products:
- ABB Ability System 800xA and related system extensions
- 5.1, 6.0, 6.1
- Compact HMI
- 5.1, 6.0
- Control Builder Safe
- 1.0, 1.1, 2.0
- ABB Ability Symphony Plus – S+ Operations:
- 3.0 to 3.2
- ABB Ability Symphony Plus – S+ Engineering
- 1.1 to 2.2
- Composer Harmony
- 5.1, 6.0, 6.1
- Composer Melody (incl. SPE for Melody 1.0 SPx)
- 5.3, 6.1, 6.2, 6.3
- Harmony OPC Server (HAOPC): Standalone
- 6.0, 6.1, 7.0
- ABB Ability System 800xA / Advant OCS Control Builder A
- 1.3, 1.4
- Advant OCS AC 100 OPC Server
- 5.1, 6.0, 6.1
- Composer CTK
- 6.1, 6.2
- AdvaBuild
- 3.7 SP1, 3.7 SP2
- OPC Server MOD 300 (non-800xA)
- 1.4
- OPC Data Link
- 2.1, 2.2
- ABB Ability Knowledge Manager
- 8.0, 9.0, 9.1
- ABB Ability Manufacturing Operations Management
- 1812, 1909
- Control Builder M Professional: Versions 6.1 and prior
- OPC Server for AC 800M
- all versions
- MMS Server for AC 800M
- all versions
- Base Software for SoftControl
- all versions
- ABB System 800xA Base
- all versions
- 800xA for DCI
- all versions
- 800xA for MOD 300
- all versions
- 800xA RNRP
- all versions
- 800xA Batch Management
- all versions
- 800xA Information Management
- all versions
Threats:
- Obtain sensitive information
- Denial of Service (DoS)
- Escalate privileges
- Incorrect Permission Assignment
Best practice and Recommendations:
The CERT team encourages users to review ABB security advisory and apply the necessary updates and mitigation:
Rate the content
Share the page
