Symphony Historian
CVE-2020-24673
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. This can lead to a loss of confidentiality and data integrity or even affect the product behavior and its availability.
AnalysisAI
In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as SQL Injection (CWE-89), which allows attackers to execute arbitrary SQL commands against the database. In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. This can lead to a loss of confidentiality and data integrity or even affect the product behavior and its availability. Affected products include: Abb Symphony \+ Historian, Abb Symphony \+ Operations.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use parameterized queries/prepared statements. Never concatenate user input into SQL. Apply least-privilege database permissions.
More in Symphony Historian
View allThe affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which reli
A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages. Rated critical severity (CVSS
In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations Histo
An authenticated user might execute malicious code under the user context and take control of the system. Rated high sev
Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privile
In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Rated high sever
In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks
In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stor
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today