CVE-2023-3322

HIGH

7.0

Descricao

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.

Detalhes CVE

Pontuacao CVSS v3.17.0

SeveridadeHIGH

Vetor CVSSCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueLOCAL

ComplexidadeHIGH

Privilegios necessariosLOW

Interacao do usuarioNONE

Publicado7/24/2023

Ultima modificacao11/21/2024

Fontenvd

Avistamentos honeypot0

Produtos afetados

abb:zenon

Fraquezas (CWE)

CWE-732

Referencias

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590(cybersecurity@ch.abb.com)

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.