An unauthenticated specially crafted packet sent by an attacker over the network will cause a denial-of-service (DoS) vulnerability. Vulnerability allows attacker to stop the PLC. After stopping (ERR LED flashing red), physical access to the PLC is required in order to restart the application. This issue affects: ABB AC500 V2 products with onboard Ethernet version 2.8.4 and prior versions.

Related CVEs

CVE-2020-24685

Key Information

GHSA ID

GHSA-cvwc-6hv2-wv97

Published

May 24, 2022 5:41 PM

Last Modified

May 24, 2022 5:41 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 27, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.