Lucene search

ABBCVELIST:CVE-2023-3323

HistoryJul 24, 2023 - 5:17 p.m.

CVE-2023-3323 Code Execution through overwriting project file on zenon engineering studio system

2023-07-2417:17:09

CWE-276

ABB

www.cve.org

cve-2023-3323

code execution

overwriting project file

zenon engineering studio

vulnerability

abb ability zenon

5.9 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H

5.9 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.7%

JSON

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted
programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.
This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "ABB Ability™ zenon",
    "vendor": "ABB",
    "versions": [
      {
        "lessThanOrEqual": "11 build 106404",
        "status": "affected",
        "version": "11 build ",
        "versionType": "custom"
      }
    ]
  }
]

References

search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590

5.9 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H

5.9 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.7%

JSON

Related for CVELIST:CVE-2023-3323