CVE-2021-22284 HIGH

CVE-2021-22284: SECURITY - OPC Server for AC 800M - Remote Code Execution Vulnerability

Vendor Abb
Product 800xA, Control Software for AC 800M OPC Server for AC 800M
Weakness CWE-732
Published February 4, 2022
Last update September 16, 2024

CVSS base score

8.4/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server.

Key dates

02Disclosure timeline

February 4, 2022 CVE published
September 16, 2024 Record updated