ABB System 800xA

Plan PatchCVSS 7.3ICS-CERT ICSA-20-154-01Jun 2, 2020

ABB

Attack path

Attack VectorLocal

Auth RequiredLow

ComplexityLow

User InteractionRequired

Summary

Multiple privilege escalation vulnerabilities exist in ABB System 800xA components (MMS Server for AC 800M, OPC Server for AC 800M, Control Builder M Professional, Base Software for SoftControl, and System 800xA Base). These flaws are only exploitable by authenticated users with valid System 800xA credentials. Successful exploitation allows an authenticated attacker to escalate privileges, execute arbitrary commands, stop system functions, and corrupt user applications. No public exploits are known, and these vulnerabilities are not remotely exploitable.

What this means

What could happen

An authenticated user could escalate privileges on ABB System 800xA and run arbitrary commands, potentially stopping critical control functions or corrupting applications managing water treatment, power distribution, or related OT processes.

Who's at risk

Water authorities and utilities using ABB System 800xA for process automation and control, specifically those running MMS Server, OPC Server, Control Builder M Professional, or SoftControl Base Software at versions 6.1 or earlier. This affects facilities managing critical infrastructure like water treatment, pump stations, and power distribution that rely on these ABB components for operation.

How it could be exploited

An attacker with valid credentials to System 800xA (obtained through phishing, credential theft, or insider access) can log in locally or remotely and exploit privilege escalation flaws in the affected modules to gain higher-level access and execute commands that modify or stop system functions.

Prerequisites

Valid System 800xA user account credentials
Local or remote interactive logon access to the affected product
User role with sufficient privileges to trigger the escalation flaw

no patch available for most productsauthenticated exploitation onlyrequires valid user credentialsprivilege escalation capabilityaffects safety-critical process control

Exploitability

Unlikely to be exploited — EPSS score 0.0%

Affected products (5)

1 with fix4 EOL

ProductAffected VersionsFix Status

OPC Server for AC 800M:≤ 6.06.1

MMS Server for AC 800M:≤ 6.1No fix (EOL)

System 800xA Base:≤ 6.1No fix (EOL)

Control Builder M Professional:≤ 6.1No fix (EOL)

Base Software for SoftControl:≤ 6.1No fix (EOL)

Remediation & Mitigation

0/5

Do now

0/3

WORKAROUNDChange all System 800xA user account passwords, especially any that may have been shared or are suspected to be known by unauthorized persons

HARDENINGDisable interactive logon (local and remote) for service accounts in System 800xA

HARDENINGRestrict System 800xA user accounts to authorized personnel only and audit active user accounts regularly

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXApply System 800xA 6.1 or later to OPC Server for AC 800M

HOTFIXApply System 800xA 6.0.3.4 or later (when available) to MMS Server, Control Builder M Professional, Base Software for SoftControl, and System 800xA Base

CVEs (2)

CVE-2020-8472 CVE-2020-8473

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/35626be7-0093-49fc-9ffa-0af99ca48c2e

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.