CVE-2023-3324

MEDIUM

6.3

Description

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.

CVE Details

CVSS v3.1 Score6.3

SeverityMEDIUM

CVSS VectorCVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:H

Attack VectorLOCAL

ComplexityHIGH

Privileges RequiredLOW

User InteractionREQUIRED

Published7/24/2023

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

abb:zenon

Weaknesses (CWE)

CWE-502

References

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590(cybersecurity@ch.abb.com)

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.