← Back to home
ICSA-22-074-01  ·  Published 2022-03-15  ·  View on CISA ICS-CERT ↗

ABB OPC Server for AC 800M

CVSS 8.4 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow a low privileged authenticated user to remotely execute arbitrary code.

CVEs (1)

Remediations

  • 800xA control software for AC 800M to v6.1.0-0 or later.
  • 800xA, Control Software for AC 800M update to 6.0.0-4 (scheduled for release later in 2022).
  • Contact ABB for update information.
  • Users unable to install the update are advised to review the Mitigations and Workarounds section of the ABB advisory for additional advice on how to reduce the risk associated with this vulnerability.

Affected Vendors

ABB

Affected Products (3)

ABB · OPC Server for AC 800M 5.1.0-x | 5.1.1-x | >= 6.0.0-1 | <= 6.0.0-3
ABB · OPC Server for AC 800M 5.1.1-1 | 6.0.0-1
ABB · OPC Server for AC 800M 5.1.0-x | 5.1.1-x | 6.0.0-x

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more