CVE-2020-11640

Elevation of Privilege

Description

AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the command queue can use it to launch an attack by running any executable on the AdvaBuild node. The executables that can be run are not limited to AdvaBuild specific executables.  Improper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.

Remediation

Solution:

  • ABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service accounts. Please note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where AdvaBuild is used. All the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021. ABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the “Mitigating factors” listed below as this will restrict or prevent an attacker’s ability to compromise the system.

Category

8.8
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.16%
Affected: ABB Advant MOD 300 AdvaBuild
Published at:
Updated at:

References

Link Tags
https://search.abb.com/library/Download.aspx?DocumentID=3BUA003421&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.200044199.882581162.1721753430-284724496.1718609177

Frequently Asked Questions

What is the severity of CVE-2020-11640?
CVE-2020-11640 has been scored as a high severity vulnerability.
How to fix CVE-2020-11640?
To fix CVE-2020-11640: ABB recommends changing any user account passwords which are suspected to be known by an unauthorized person. Interactive logon (both local and remote) is recommended to be disabled for service accounts. Please note that the vulnerability can only be exploited by authenticated users, so customers are recommended to ensure that only authorized persons have access to user accounts for the computers where AdvaBuild is used. All the vulnerabilities have been corrected in AdvaBuild version 3.7 SP3 released in April 2021. ABB recommends that customers apply the update at earliest convenience. Users who are unable to install the update should immediately look to implement the “Mitigating factors” listed below as this will restrict or prevent an attacker’s ability to compromise the system.
Is CVE-2020-11640 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2020-11640 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2020-11640?
CVE-2020-11640 affects ABB Advant MOD 300 AdvaBuild.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.