OpenCVE

Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Automation Studio: from 4.0 through 4.6, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9.0 before 4.9.4 SP; NET/PVI: from 4.0 through 4.6, from 4.7.0 before 4.7.7, from 4.8.0 before 4.8.6, from 4.9.0 before 4.9.4.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Br-automation	Automation Net\/pvi Automation Studio
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:br-automation:automation_studio::::::::
	cpe:2.3:a:br-automation:automation_studio::::::::
	cpe:2.3:a:br-automation:automation_studio::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:a:br-automation:automation_net\/pvi::::::::
	cpe:2.3:a:br-automation:automation_net\/pvi::::::::
	cpe:2.3:a:br-automation:automation_net\/pvi::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.br-automation.com/fileadmin/2021-14-BR-AS-NET-PVI-Service-Issues-c3710fbf.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: ABB

Published: 2024-02-02T07:11:44.086Z

Updated: 2024-08-04T15:19:09.304Z

Reserved: 2020-08-26T00:00:00.000Z

Link: CVE-2020-24682

Vulnrichment

No data.

NVD

Status : Modified

Published: 2024-02-02T08:15:45.573

Modified: 2024-11-21T05:15:45.333

Link: CVE-2020-24682

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2020-24682", "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "state": "PUBLISHED", "assignerShortName": "ABB", "dateReserved": "2020-08-26T00:00:00.000Z", "datePublished": "2024-02-02T07:11:44.086Z", "dateUpdated": "2024-08-04T15:19:09.304Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Automation Studio", "vendor": "B&R Industrial Automation", "versions": [{"lessThanOrEqual": "4.6", "status": "affected", "version": "4.0", "versionType": "custom"}, {"lessThan": "4.7.7 SP", "status": "affected", "version": "4.7.0", "versionType": "custom"}, {"lessThan": "4.8.6 SP", "status": "affected", "version": "4.8.0", "versionType": "custom"}, {"lessThan": "4.9.4 SP", "status": "affected", "version": "4.9.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "NET/PVI", "vendor": "B&R Industrial Automation", "versions": [{"lessThanOrEqual": "4.6", "status": "affected", "version": "4.0", "versionType": "custom"}, {"lessThan": "4.7.7", "status": "affected", "version": "4.7.0", "versionType": "custom"}, {"lessThan": "4.8.6", "status": "affected", "version": "4.8.0", "versionType": "custom"}, {"lessThan": "4.9.4", "status": "affected", "version": "4.9.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "B&R would like to thank the following for working with us to help protect our customers: Mr. Andrew Hofmans"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.<p>This issue affects Automation Studio: from 4.0 through 4.6, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9.0 before 4.9.4 SP; NET/PVI: from 4.0 through 4.6, from 4.7.0 before 4.7.7, from 4.8.0 before 4.8.6, from 4.9.0 before 4.9.4.</p>"}], "value": "Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Automation Studio: from 4.0 through 4.6, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9.0 before 4.9.4 SP; NET/PVI: from 4.0 through 4.6, from 4.7.0 before 4.7.7, from 4.8.0 before 4.8.6, from 4.9.0 before 4.9.4.\n\n"}], "impacts": [{"capecId": "CAPEC-69", "descriptions": [{"lang": "en", "value": "CAPEC-69 Target Programs with Elevated Privileges"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-428", "description": "CWE-428 Unquoted Search Path or Element", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "shortName": "ABB", "dateUpdated": "2024-02-02T11:30:17.773Z"}, "references": [{"url": "https://www.br-automation.com/fileadmin/2021-14-BR-AS-NET-PVI-Service-Issues-c3710fbf.pdf"}], "source": {"discovery": "UNKNOWN"}, "title": "Automation Studio and PVI Multiple unquoted service path vulnerabilities", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n\n\nB&R has identified the following specific workarounds and mitigations.\nUsers of B&R Automation Studio and PVI may manually reconfigure the service paths and enclose them \nin quotes.\nAdditionally, it is recommended to limit access to the workstation running B&R Automation Studio and PVI \nto authorized users\n\n\n\n<br>"}], "value": "\n\n\nB&R has identified the following specific workarounds and mitigations.\nUsers of B&R Automation Studio and PVI may manually reconfigure the service paths and enclose them \nin quotes.\nAdditionally, it is recommended to limit access to the workstation running B&R Automation Studio and PVI \nto authorized users\n\n\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:19:09.304Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.br-automation.com/fileadmin/2021-14-BR-AS-NET-PVI-Service-Issues-c3710fbf.pdf", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "436F71CF-DD09-4E65-BB95-BF2C4A19E40A", "versionEndExcluding": "4.7.7.74", "vulnerable": true}, {"criteria": "cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "04F8420B-E58C-4C17-B47B-15356571E650", "versionEndExcluding": "4.8.6.30", "versionStartIncluding": "4.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:br-automation:automation_studio:*:*:*:*:*:*:*:*", "matchCriteriaId": "0515B5D7-8B71-4D6E-B0E1-4E61B930A54E", "versionEndExcluding": "4.9.4.92", "versionStartIncluding": "4.9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:br-automation:automation_net\\/pvi:*:*:*:*:*:*:*:*", "matchCriteriaId": "2217CBD5-3C47-48F0-B820-478382164B6A", "versionEndExcluding": "4.7.7", "versionStartIncluding": "4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:br-automation:automation_net\\/pvi:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD9047EE-9E8A-43F5-8DB5-3AE830E423C3", "versionEndExcluding": "4.8.6", "versionStartIncluding": "4.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:br-automation:automation_net\\/pvi:*:*:*:*:*:*:*:*", "matchCriteriaId": "742952BE-1FB2-478F-94A7-D32F4A063992", "versionEndExcluding": "4.9.4", "versionStartIncluding": "4.9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Unquoted Search Path or Element vulnerability in B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI allows Target Programs with Elevated Privileges.This issue affects Automation Studio: from 4.0 through 4.6, from 4.7.0 before 4.7.7 SP, from 4.8.0 before 4.8.6 SP, from 4.9.0 before 4.9.4 SP; NET/PVI: from 4.0 through 4.6, from 4.7.0 before 4.7.7, from 4.8.0 before 4.8.6, from 4.9.0 before 4.9.4.\n\n"}, {"lang": "es", "value": "Vulnerabilidad de elemento o ruta de b\u00fasqueda sin comillas en B&R Industrial Automation Automation Studio, B&R Industrial Automation NET/PVI permite programas de destino con privilegios elevados. Este problema afecta a Automation Studio: desde 4.6.0 hasta 4.6.X, desde 4.7.0 antes de 4.7.7 SP , desde 4.8.0 antes de 4.8.6 SP, desde 4.9.0 antes de 4.9.4 SP; NET/PVI: desde 4.6.0 hasta 4.6.X, desde 4.7.0 antes de 4.7.7, desde 4.8.0 antes de 4.8.6, desde 4.9.0 antes de 4.9.4."}], "id": "CVE-2020-24682", "lastModified": "2024-11-21T05:15:45.333", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.6, "impactScore": 6.0, "source": "cybersecurity@ch.abb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-02T08:15:45.573", "references": [{"source": "cybersecurity@ch.abb.com", "tags": ["Vendor Advisory"], "url": "https://www.br-automation.com/fileadmin/2021-14-BR-AS-NET-PVI-Service-Issues-c3710fbf.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.br-automation.com/fileadmin/2021-14-BR-AS-NET-PVI-Service-Issues-c3710fbf.pdf"}], "sourceIdentifier": "cybersecurity@ch.abb.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-428"}], "source": "cybersecurity@ch.abb.com", "type": "Secondary"}]}