CVE-2021-22284 Vulnerability Details

  /     /     /  

CVE-2021-22284 Metadata Quick Info

CVE Published: 04/02/2022 | CVE Updated: 16/09/2024 | CVE Year: 2021
Source: ABB | Vendor: ABB | Product: 800xA, Control Software for AC 800M OPC Server for AC 800M
Status : PUBLISHED

CVE-2021-22284 Description

Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server.

Metrics

CVSS Version: 3.1 | Base Score: 8.4 HIGH
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* ADJACENT_NETWORK
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* LOW
    User Interaction (UI)* REQUIRED
    Scope (S)* CHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* HIGH
    Integrity Impact (I)* HIGH
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID: CWE-732
CWE Name: CWE-732 Incorrect Permission Assignment for Critical Resource
Source: ABB

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2021-22284 Vulnerability Details