CVE-2023-3324

MEDIUM

6.3

Beschreibung

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.

CVE Details

CVSS v3.1 Bewertung6.3

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:H

AngriffsvektorLOCAL

KomplexitatHIGH

Erforderliche PrivilegienLOW

BenutzerinteraktionREQUIRED

Veroffentlicht7/24/2023

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

abb:zenon

Schwachen (CWE)

CWE-502

Referenzen

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590(cybersecurity@ch.abb.com)

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.