CVE-2020-11640 - Vulnerability Details - OpenCVE

AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the command queue can use it to launch an attack by running any executable on the AdvaBuild node. The executables that can be run are not limited to AdvaBuild specific executables. Improper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00197.

Key SSVC decision points have not yet been added.

Vendors	Products
Abb	Advabuild

Configuration 1 [-]

OR	cpe:2.3:a:abb:advabuild::::::advant_mod_300::*
	cpe:2.3:a:abb:advabuild:3.7:-::::advant_mod_300::*
	cpe:2.3:a:abb:advabuild:3.7:sp1::::advant_mod_300::*
	cpe:2.3:a:abb:advabuild:3.7:sp2::::advant_mod_300::*

No data.

No data.

References

Link	Providers
https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177

History

Fri, 19 Dec 2025 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Abb Abb advabuild
CPEs		cpe:2.3:a:abb:advabuild::::::advant_mod_300::* cpe:2.3:a:abb:advabuild:3.7:-::::advant_mod_300::* cpe:2.3:a:abb:advabuild:3.7:sp1::::advant_mod_300::* cpe:2.3:a:abb:advabuild:3.7:sp2::::advant_mod_300::*
Vendors & Products		Abb Abb advabuild

MITRE

Status: PUBLISHED

Assigner: ABB

Published: 2024-07-23T17:36:51.458Z

Updated: 2024-08-04T11:35:13.681Z

Reserved: 2020-04-08T00:00:00.000Z

Link: CVE-2020-11640

Vulnrichment

Updated: 2024-08-04T11:35:13.681Z

NVD

Status : Analyzed

Published: 2024-07-23T18:15:05.083

Modified: 2025-12-19T15:57:45.533

Link: CVE-2020-11640

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2020-11640", "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "state": "PUBLISHED", "assignerShortName": "ABB", "dateReserved": "2020-04-08T00:00:00.000Z", "datePublished": "2024-07-23T17:36:51.458Z", "dateUpdated": "2024-08-04T11:35:13.681Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Advant MOD 300 AdvaBuild", "vendor": "ABB", "versions": [{"lessThanOrEqual": "3.7 SP2", "status": "affected", "version": "3.0", "versionType": "update"}]}], "datePublic": "2024-07-22T17:33:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nAdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables. <br><br>Improper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.<p>This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.</p>"}], "value": "AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.\u00a0\n\nImproper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "shortName": "ABB", "dateUpdated": "2024-07-23T17:36:51.458Z"}, "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service\naccounts.\n\n<br>\n\nPlease note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where\nAdvaBuild is used.\n<br><br>All the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021.\n<br><br>ABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the \u201cMitigating factors\u201d listed below as this will\nrestrict or prevent an attacker\u2019s ability to compromise the system.\n\n<br>"}], "value": "ABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service\naccounts.\n\n\n\n\nPlease note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where\nAdvaBuild is used.\n\n\nAll the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021.\n\n\nABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the \u201cMitigating factors\u201d listed below as this will\nrestrict or prevent an attacker\u2019s ability to compromise the system."}], "source": {"discovery": "UNKNOWN"}, "title": "Elevation of Privilege", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "abb", "product": "advabuild", "cpes": ["cpe:2.3:a:abb:advabuild:*:*:*:*:*:*:mod_300:*"], "defaultStatus": "unknown", "versions": [{"version": "3.0", "status": "affected", "lessThanOrEqual": "3.7sp2", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-23T18:09:49.474898Z", "id": "CVE-2020-11640", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-24T19:00:53.120Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:35:13.681Z"}, "title": "CVE Program Container", "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:35:13.681Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2020-11640", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-23T18:09:49.474898Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:abb:advabuild:*:*:*:*:*:*:mod_300:*"], "vendor": "abb", "product": "advabuild", "versions": [{"status": "affected", "version": "3.0", "versionType": "custom", "lessThanOrEqual": "3.7sp2"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-23T18:48:23.721Z"}}], "cna": {"title": "Elevation of Privilege", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ABB", "product": "Advant MOD 300 AdvaBuild", "versions": [{"status": "affected", "version": "3.0", "versionType": "update", "lessThanOrEqual": "3.7 SP2"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "ABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service\naccounts.\n\n\n\n\nPlease note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where\nAdvaBuild is used.\n\n\nAll the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021.\n\n\nABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the \u201cMitigating factors\u201d listed below as this will\nrestrict or prevent an attacker\u2019s ability to compromise the system.", "supportingMedia": [{"type": "text/html", "value": "\n\nABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service\naccounts.\n\n<br>\n\nPlease note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where\nAdvaBuild is used.\n<br><br>All the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021.\n<br><br>ABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the \u201cMitigating factors\u201d listed below as this will\nrestrict or prevent an attacker\u2019s ability to compromise the system.\n\n<br>", "base64": false}]}], "datePublic": "2024-07-22T17:33:00.000Z", "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.\u00a0\n\nImproper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.", "supportingMedia": [{"type": "text/html", "value": "\n\nAdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables. <br><br>Improper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.<p>This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "shortName": "ABB", "dateUpdated": "2024-07-23T17:36:51.458Z"}}}, "cveMetadata": {"cveId": "CVE-2020-11640", "state": "PUBLISHED", "dateUpdated": "2024-08-04T11:35:13.681Z", "dateReserved": "2020-04-08T00:00:00.000Z", "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "datePublished": "2024-07-23T17:36:51.458Z", "assignerShortName": "ABB"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:abb:advabuild:*:*:*:*:*:advant_mod_300:*:*", "matchCriteriaId": "2B2DD8A5-17FB-4CCF-ABC0-2388B43D07F2", "versionEndExcluding": "3.7", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:advabuild:3.7:-:*:*:*:advant_mod_300:*:*", "matchCriteriaId": "88348546-89FF-4F82-8246-F9E08B585C78", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:advabuild:3.7:sp1:*:*:*:advant_mod_300:*:*", "matchCriteriaId": "4E2D62C1-9F2D-42D5-997B-0880469C82E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:abb:advabuild:3.7:sp2:*:*:*:advant_mod_300:*:*", "matchCriteriaId": "9D462F34-AD38-4EA0-97CE-9FE7A558920F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the\ncommand queue can use it to launch an attack by running any executable on the AdvaBuild node. The\nexecutables that can be run are not limited to AdvaBuild specific executables.\u00a0\n\nImproper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2."}, {"lang": "es", "value": "AdvaBuild utiliza una cola de comandos para iniciar determinadas operaciones. Un atacante que obtenga acceso a la cola de comandos puede usarla para lanzar un ataque ejecutando cualquier ejecutable en el nodo AdvaBuild. Los ejecutables que se pueden ejecutar no se limitan a ejecutables espec\u00edficos de AdvaBuild. Vulnerabilidad de gesti\u00f3n de privilegios inadecuada en ABB Advant MOD 300 AdvaBuild. Este problema afecta a Advant MOD 300 AdvaBuild: desde 3.0 hasta 3.7 SP2."}], "id": "CVE-2020-11640", "lastModified": "2025-12-19T15:57:45.533", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "cybersecurity@ch.abb.com", "type": "Secondary"}]}, "published": "2024-07-23T18:15:05.083", "references": [{"source": "cybersecurity@ch.abb.com", "tags": ["Vendor Advisory"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177"}], "sourceIdentifier": "cybersecurity@ch.abb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "cybersecurity@ch.abb.com", "type": "Secondary"}]}