CVE-2021-22284

Summary

Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server.

Affected Software

VendorProductVersion RangeStatus
ABB800xA, Control Software for AC 800M OPC Server for AC 800Munspecified <= 5.1.0-xaffected
ABB800xA, Control Software for AC 800M OPC Server for AC 800Munspecified <= 5.1.1-xaffected
ABB800xA, Control Software for AC 800M OPC Server for AC 800M6.0.0-1affected
ABB800xA, Control Software for AC 800M OPC Server for AC 800M6.0.0-2affected
ABB800xA, Control Software for AC 800M OPC Server for AC 800M6.0.0-3affected
ABBControl Builder Safe, version 1.x OPC Server for AC 800M5.1.1-1affected
ABBControl Builder Safe, version 2.0 OPC Server for AC 800M6.0.0-1affected
ABBCompact Product Suite - Control and I/O OPC Server for AC 800Munspecified <= 5.1.0-xaffected
ABBCompact Product Suite - Control and I/O OPC Server for AC 800Munspecified <= 5.1.1-xaffected
ABBCompact Product Suite - Control and I/O OPC Server for AC 800Munspecified <= 6.0.0-xaffected

Weaknesses

  • CWE-732: CWE-732 Incorrect Permission Assignment for Critical Resource

ADP Enrichment

CVE Program Container

Additional References

References