Vulnerabilities > ABB > Symphony Operations > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-22 | CVE-2020-24680 | Insufficiently Protected Credentials vulnerability in ABB Symphony + Historian and Symphony + Operations In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database. | 7.0 |
| 2020-12-22 | CVE-2020-24678 | Unspecified vulnerability in ABB Symphony + Historian and Symphony + Operations An authenticated user might execute malicious code under the user context and take control of the system. | 8.8 |
| 2020-12-22 | CVE-2020-24677 | Improper Check for Unusual or Exceptional Conditions vulnerability in ABB Symphony + Historian and Symphony + Operations Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data. | 8.8 |
| 2020-12-22 | CVE-2020-24676 | Unspecified vulnerability in ABB Symphony + Historian and Symphony + Operations In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. | 7.8 |
| 2020-12-22 | CVE-2020-24674 | Incorrect Authorization vulnerability in ABB Symphony + Historian and Symphony + Operations In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. | 8.8 |