CVE-2023-3321

CWE-153 documents3 sources
Severity
8.8HIGH
EPSS
0.1%
top 68.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ABB ABB Ability™ ZenonABB Zenon
Timeline
PublishedJul 24

Description

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages2 packages

CVEListV5abb/abb_ability™_zenon11 build 11 build 106404
NVDabb/zenon11.0.0

🔴Vulnerability Details

2
CVEList
Code Execution through Writable Mosquitto Configuration File2023-07-24
GHSA
GHSA-32mx-3mqx-p47v: A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system2023-07-24
CVE-2023-3321 (HIGH CVSS 8.8) | A vulnerability exists by allowing | cvebase.io