CVE-2023-3324

MEDIUM

6.3

Description

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.

Details CVE

Score CVSS v3.16.3

SeveriteMEDIUM

Vecteur CVSSCVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:H

Vecteur d'attaqueLOCAL

ComplexiteHIGH

Privileges requisLOW

Interaction utilisateurREQUIRED

Publie7/24/2023

Derniere modification11/21/2024

Sourcenvd

Observations honeypot0

Produits affectes

abb:zenon

Faiblesses (CWE)

CWE-502

References

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590(cybersecurity@ch.abb.com)

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.