CVE-2020-24674 : Exploit Details and Defense Strategies

In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but Unauthorized remote users could execute a Denial-of-Service (DoS) attack, execute arbitrary code, or obtain more privilege than intended on the machines.

Understanding CVE-2020-24674

This CVE involves an improper authorization issue in ABB's Symphony Plus Operations and Symphony Plus Historian.

What is CVE-2020-24674?

The vulnerability allows authenticated but unauthorized remote users to perform various malicious actions on affected systems.

The Impact of CVE-2020-24674

CVSS Base Score: 8.8 (High)
Attack Vector: Network
Attack Complexity: Low
Confidentiality, Integrity, and Availability Impact: High
Privileges Required: Low
Scope: Unchanged
User Interaction: None

Technical Details of CVE-2020-24674

This section provides more technical insights into the vulnerability.

Vulnerability Description

The issue arises from the improper checking of user permissions in Symphony Plus Operations and Historian, leading to unauthorized actions by remote users.

Affected Systems and Versions

ABB Ability™ Symphony® Plus Operations: Versions less than 3.3 Service Pack 1, 2.1 SP2 Rollup 2, and 2.2
ABB Ability™ Symphony® Plus Historian: Version less than 3.2

Exploitation Mechanism

Unauthorized remote users can exploit this vulnerability to execute a DoS attack, run arbitrary code, or gain elevated privileges on the targeted machines.

Mitigation and Prevention

Protect your systems from CVE-2020-24674 by following these steps:

Immediate Steps to Take

Apply vendor-supplied patches promptly
Monitor network traffic for any suspicious activity
Restrict network access to vulnerable systems

Long-Term Security Practices

Regularly update and patch software and systems
Implement strong access controls and user permissions

Patching and Updates

Ensure all affected systems are updated with the latest patches to mitigate the vulnerability.