Rewterz Threat Advisory – ICS: ABB System 800xA Multiple Vulnerabilities

Nanocore RAT Malware Analysis

June 2, 2020

Rewterz Threat Advisory – ICS: ABB Central Licensing System Multiple Vulnerabilities

June 3, 2020

Rewterz Threat Advisory – ICS: ABB System 800xA Multiple Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2020-8472

Weak access control lists for system folders could allow low privileged users to modify system and application files.

CVE-2020-8473

An attacker who successfully exploits the weak file permissions in one of the ABB System 800xA functions could corrupt applications by escalating privileges, executing arbitrary code, and affecting various engineering functions.

Impact

Privilege escalation
Cause system functions to stop
Corrupt user applications.

Affected Vendors

ABB

Affected Products

System 800xA

Remediation

Refer to ICS advisory for the complete list of affected products and upgraded patches.

https://www.us-cert.gov/ics/advisories/icsa-20-154-01

Nanocore RAT Malware Analysis

Rewterz Threat Advisory – ICS: ABB Central Licensing System Multiple Vulnerabilities

Rewterz Threat Advisory – ICS: ABB System 800xA Multiple Vulnerabilities

Severity

Analysis Summary

CVE-2020-8472

CVE-2020-8473

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan