ABB System 800xA | ¶à¸öÇå¾²Îó²îͨ¸æ
Ðû²¼Ê±¼ä 2020-05-210x00 Îó²î¸ÅÊö
²úÆ· |
CVE ID |
Àà ÐÍ |
Îó²îÆ·¼¶ |
Ô¶³ÌʹÓà |
Ó°Ïì¹æÄ£ |
ABB System 800xA |
CVE-2020-8478 |
I |
µÍΣ |
·ñ |
ABB System 800xAËùÓа汾 |
ABB System 800xA for DCI |
CVE-2020-8484 |
PAC |
¸ßΣ |
·ñ |
ABB System 800xA for DCIËùÓа汾 |
ABB System 800xA for MOD 300 |
CVE-2020-8485 |
PAC |
¸ßΣ |
·ñ |
ABB System 800xA for MOD 300ËùÓа汾 |
ABB System 800xA RNRP |
CVE-2020-8486 |
PAC |
¸ßΣ |
·ñ |
ABB System 800xA RNRPËùÓа汾 |
ABB System 800xA Base |
CVE-2020-8487 |
PAC |
¸ßΣ |
·ñ |
ABB System 800xA BaseËùÓа汾 |
ABB System 800xA Batch Management |
CVE-2020-8488 |
PAC |
¸ßΣ |
·ñ |
ABB System 800xA Batch ManagementËùÓа汾 |
ABB System 800xA Information Management |
CVE-2020-8489 |
PAC |
¸ßΣ |
·ñ |
ABB System 800xA Information ManagementËùÓа汾 |
0x01 Îó²îÏêÇé
ABB System 800xA Information ManagementÊÇÈðÊ¿ABB¹«Ë¾µÄÒ»Ì×ÐÅÏ¢ÖÎÀíϵͳ¡£¡£¡£¡£¡£¡£¸ÃϵͳÌṩÖÇÄÜÊý¾Ý»á¼û¹¦Ð§£¬£¬£¬£¬¿É»á¼ûÀ©Õ¹×Ô¶¯»¯ÏµÍ³ÖÐËùÓÐÓ¦ÓóÌÐòµÄʵʱºÍÀúÊ·ÐÅÏ¢¡£¡£¡£¡£¡£¡£ABB System 800xAÖб£´æ¶à¸öÇå¾²Îó²î£¬£¬£¬£¬ÏêϸÈçÏ£º
CVE-2020-8478ÊÇABB System 800xAÖб£´æµÄ×¢ÈëÎó²î¡£¡£¡£¡£¡£¡£ÍâµØ¹¥»÷Õß¿ÉʹÓøÃÎó²î×¢ÈëÊý¾Ý£¬£¬£¬£¬Ó°ÏìControl BuilderÖÐÏÔʾµÄÔËÐÐʱÊý¾ÝÊÓͼ¡£¡£¡£¡£¡£¡£
CVE-2020-8484ÊÇABB System 800xA for DCIÖб£´æµÄȨÏÞÔÊÐíºÍ»á¼û¿ØÖÆÎÊÌâÎó²î£¬£¬£¬£¬ÍâµØ¹¥»÷Õß¿ÉʹÓøÃÎó²î×¢ÈëÊý¾Ý£¬£¬£¬£¬¶Ô¿ØÖÆÆ÷¾ÙÐжÁд²Ù×÷»òµ¼ÖÂWindowsÀú³ÌÍ߽⡣¡£¡£¡£¡£¡£
CVE-2020-8485ÊÇABB System 800xA for MOD 300Öб£´æµÄȨÏÞÔÊÐíºÍ»á¼û¿ØÖÆÎÊÌâÎó²î¡£¡£¡£¡£¡£¡£ÍâµØ¹¥»÷Õß¿ÉʹÓøÃÎó²î×¢ÈëÊý¾Ý£¬£¬£¬£¬¶Ô¿ØÖÆÆ÷¾ÙÐжÁд²Ù×÷»òµ¼ÖÂWindowsÀú³ÌÍ߽⡣¡£¡£¡£¡£¡£
CVE-2020-8486ÊÇABB System 800xA RNRPÖб£´æµÄȨÏÞÔÊÐíºÍ»á¼û¿ØÖÆÎÊÌâÎó²î¡£¡£¡£¡£¡£¡£ÍâµØ¹¥»÷Õß¿ÉʹÓøÃÎó²î×¢ÈëÊý¾Ý£¬£¬£¬£¬Ó°Ïì½ÚµãÈßÓà´¦Öóͷ£¡£¡£¡£¡£¡£¡£
CVE-2020-8487ÊÇABB System 800xA BaseÖб£´æµÄȨÏÞÔÊÐíºÍ»á¼û¿ØÖÆÎÊÌâÎó²î¡£¡£¡£¡£¡£¡£ÍâµØ¹¥»÷Õß¿ÉʹÓøÃÎó²î×¢ÈëÊý¾Ý£¬£¬£¬£¬Ó°Ïì½ÚµãÈßÓà´¦Öóͷ£¡£¡£¡£¡£¡£¡£
CVE-2020-8488ÊÇABB System 800xA Batch ManagementÖб£´æµÄȨÏÞÔÊÐíºÍ»á¼û¿ØÖÆÎÊÌâÎó²î¡£¡£¡£¡£¡£¡£ÍâµØ¹¥»÷Õß¿ÉʹÓøÃÎó²î×¢ÈëÊý¾Ý£¬£¬£¬£¬Ó°ÏìÓû§½çÃæµÄ¸üУ¬£¬£¬£¬½ÏÁ¿/´òÓ¡¹¦Ð§¡£¡£¡£¡£¡£¡£
CVE-2020-8489ÊÇABB System 800xA Information ManagementÖб£´æµÄȨÏÞÔÊÐíºÍ»á¼û¿ØÖÆÎÊÌâÎó²î¡£¡£¡£¡£¡£¡£ÍâµØ¹¥»÷Õß¿ÉʹÓøÃÎó²î×¢ÈëÊý¾Ý¡£¡£¡£¡£¡£¡£
0x02 ´¦Öóͷ£½¨Òé
ÏÖÔÚ³§ÉÌÔÝδÐû²¼ÐÞ¸´²½·¥½â¾ö´ËÇå¾²ÎÊÌ⣬£¬£¬£¬½¨ÒéʹÓôËÈí¼þµÄÓû§ËæÊ±¹Ø×¢³§ÉÌÖ÷Ò³»ò²Î¿¼ÍøÖ·ÒÔ»ñÈ¡½â¾ö²½·¥£ºhttps://new.abb.com/
ÔÝʱ²½·¥£ºÓÉÓÚ¹¥»÷ÕßÐèÒªÄܹ»µÇ¼µ½ÏµÍ³²¢Ö´ÐÐÌØÖÆµÄÈí¼þ²Å»ªÊ¹ÓÃÎó²î£¬£¬£¬£¬Òò´ËÐèҪȷ±£Ö»ÓÐÊÚȨְԱ¿ÉÒÔ»á¼ûϵͳ½ÚµãÉϵÄÓû§ÕÊ»§£¬£¬£¬£¬²¢ÔÚABB System 800xAÉÏʹÓð×Ãûµ¥¡£¡£¡£¡£¡£¡£
0x03 Ïà¹ØÐÂÎÅ
https://ics-cert.kaspersky.com/news/2020/04/30/abb-vulnerabilities/
0x04 ²Î¿¼Á´½Ó
https://search.abb.com/library/Download.aspx?DocumentID=2PAA121236&LanguageCode=en&DocumentPartId=&Action=Launch
0x05 ʱ¼äÏß
2020-05-21 VSRCÐû²¼Îó²îͨ¸æ
