Abb Zenon vulnerabilities

CVE-2023-3321 [HIGH] CWE-15 CVE-2023-3321: A vulnerability exists by allowing low-privileged users to read and update the data in various dire A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build throu

CVE-2023-3324 [MEDIUM] CWE-502 CVE-2023-3324: A vulnerability exists by allowing low-privileged users to read and update the data in various dire A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build th

CVE-2023-3322 [HIGH] CWE-732 CVE-2023-3322: A vulnerability exists by allowing low-privileged users to read and update the data in various dire A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build thro

CVE-2023-3323 [MEDIUM] CWE-276 CVE-2023-3323: A vulnerability exists by allowing low-privileged users to read and update the data in various dire A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build th

CVE-2022-34838 [HIGH] CWE-257 CVE-2022-34838: Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who suc Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user.

CVE-2022-34836 [MEDIUM] CWE-23 CVE-2022-34836: Relative Path Traversal vulnerability in ABB Zenon 8.20 allows the user to access files on the Zenon Relative Path Traversal vulnerability in ABB Zenon 8.20 allows the user to access files on the Zenon system and user also can add own log messages and e.g., flood the log entries. An attacker who successfully exploit the vulnerability could access the Zenon runtime activities such as the start and stop of various activity and the last error code etc.

CVE-2022-34837 [MEDIUM] CWE-257 CVE-2022-34837: Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who suc Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various activities of the Zenon.