abb-ability-symphony-plus-operations
में ठीक किया गया
3.3 Service Pack 1
2.1 SP2 Rollup 2
2.2
CVE-2020-24673 describes a critical SQL injection vulnerability affecting ABB Ability™ Symphony® Plus Operations versions up to 3.3 Service Pack 1. This vulnerability allows attackers to inject malicious SQL code, potentially leading to unauthorized access, modification, or deletion of sensitive data. Successful exploitation can compromise the integrity and availability of the industrial control system, impacting operational processes. The vulnerability has been addressed with the release of version 3.3 Service Pack 1.
The impact of CVE-2020-24673 is severe due to the potential for widespread data compromise and system disruption. An attacker exploiting this vulnerability could read sensitive data stored within the database, including configuration information, user credentials, and process data. Furthermore, they could modify database entries, leading to incorrect operational parameters or even the shutdown of the database management system (DBMS). The ability to execute commands on the operating system elevates the risk significantly, potentially allowing for lateral movement within the network and further compromise of connected systems. This vulnerability shares similarities with other SQL injection attacks where database access is leveraged to gain control over the underlying system.
CVE-2020-24673 was publicly disclosed on December 22, 2020. While no active exploitation campaigns have been publicly confirmed, the CRITICAL severity and the potential for significant impact make it a high-priority vulnerability. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, but the vulnerability's nature makes it likely that such exploits will emerge.
Organizations utilizing ABB Ability™ Symphony® Plus Operations in critical infrastructure sectors, particularly those with legacy configurations or inadequate network segmentation, are at heightened risk. Shared hosting environments where multiple tenants share a database instance are also vulnerable if the application is not properly secured.
• linux / server:
journalctl -u symphony_plus | grep -i "SQL injection"• generic web:
curl -I <affected_endpoint> | grep -i "SQL injection"disclosure
patch
एक्सप्लॉइट स्थिति
EPSS
0.40% (61% शतमक)
CVSS वेक्टर
The primary mitigation for CVE-2020-24673 is to upgrade to ABB Ability™ Symphony® Plus Operations version 3.3 Service Pack 1 or later. If an immediate upgrade is not feasible, consider implementing temporary workarounds such as restricting network access to the affected system and implementing strict input validation on all user-supplied data. Web application firewalls (WAFs) configured to detect and block SQL injection attempts can also provide a layer of defense. Monitor system logs for suspicious database activity and consider implementing intrusion detection systems (IDS) to identify potential exploitation attempts. After upgrading, verify the fix by attempting a SQL injection attack on the vulnerable endpoint and confirming that it is blocked.
Actualizar a la versión 3.3 Service Pack 1, 2.1 SP2 Rollup 2 o 2.2 (o superior) según corresponda a la versión instalada de ABB Ability™ Symphony® Plus Operations. Esto solucionará la vulnerabilidad de inyección SQL.
भेद्यता विश्लेषण और गंभीर अलर्ट सीधे आपके ईमेल में।
CVE-2020-24673 is a critical SQL injection vulnerability in ABB Ability™ Symphony® Plus Operations ≤3.3 SP1, allowing attackers to potentially read, modify, or delete database data and execute operating system commands.
If you are running ABB Ability™ Symphony® Plus Operations versions prior to 3.3 Service Pack 1, you are potentially affected by this vulnerability.
The recommended fix is to upgrade to ABB Ability™ Symphony® Plus Operations version 3.3 Service Pack 1 or later. Implement temporary workarounds if an immediate upgrade is not possible.
While no active exploitation campaigns have been publicly confirmed, the vulnerability's severity warrants immediate attention and mitigation.
Refer to the official ABB security advisory for detailed information and mitigation guidance: [https://www.abb.com/security-advisories](https://www.abb.com/security-advisories)
अपनी डिपेंडेंसी फ़ाइल अपलोड करें और तुरंत जानें कि यह CVE और अन्य आपको प्रभावित करती हैं या नहीं।