7 matches found
CVE-2023-3324
CVE-2023-3324 affects ABB Ability zenon, versions 11 build through 11 build 106404. The vulnerability allows low-privileged users to read and update data in various zenon directories, with exploitation described as requiring specially crafted programs running on zenon-installed hosts. Some source...
CVE-2022-34838
CVE-2022-34838 affects ABB Zenon 8.20 (and prior per CNNVD) with a vulnerability described as storing passwords in a recoverable format. The issue allows an attacker to add or alter data points and corresponding attributes; once such engineering data is used, the data visualization can be altered...
CVE-2023-3321
CVE-2023-3321 affects ABB Ability zenon, versions 11 build through 11 build 106404. The issue allows low-privileged users to read and update data in various zenon directories due to errors in system settings/config, with impact on confidentiality, integrity, and availability stated as high. No ex...
CVE-2023-3322
CVE-2023-3322 affects ABB Ability zenon, versions 11 build through 11 build 106404. Root cause: incorrect permission assignments allowing low-privileged users to read and update data in various zenon directories, potentially enabling arbitrary code execution on hosts with zenon installed. Impact:...
CVE-2022-34836
The CVE-2022-34836 vulnerability affects ABB Zenon version 8.20 and earlier, describing a Relative Path Traversal that lets an attacker access files on the Zenon system and inject log messages (potentially flooding logs). This may enable viewing Zenon runtime activities, such as starting/stopping...
CVE-2023-3323
CVE-2023-3323 affects ABB Ability zenon versions 11 build through 11 build 106404. The vulnerability permits low-privilege users to read and update data in various zenon directories; exploitation is described as using specially crafted programs on zenon-installed hosts. The provided connected doc...
CVE-2022-34837
ABB Zenon 8.20 is affected by a local-attack vulnerability described as a recoverable-password storage issue. An attacker with local access and low privileges can add network clients to monitor Zenon activities (CVE-2022-34837; CVSS vectors indicate Local access, Low privileges, no user interacti...