Sign-up

ID

VAR-201909-1545


TITLE

ABB zenon Editor has dll hijacking vulnerability

Trust: 0.6

sources: CNVD: CNVD-2019-30358

DESCRIPTION

The ABB Group ranks among the world's top 500 companies and is headquartered in Zurich, Switzerland, dedicated to providing solutions for customers in the industrial and power industries. ABB zenon Editor has a dll hijacking vulnerability that can be used by attackers to gain server permissions

Trust: 0.72

sources: CNVD: CNVD-2019-30358 // IVD: e3eb32bf-24d2-4b8f-95ce-a6239514b195

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e3eb32bf-24d2-4b8f-95ce-a6239514b195 // CNVD: CNVD-2019-30358

AFFECTED PRODUCTS

vendor:abbmodel:group zenon editor bitscope:eqversion:v7.5032

Trust: 0.8

sources: IVD: e3eb32bf-24d2-4b8f-95ce-a6239514b195 // CNVD: CNVD-2019-30358

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2019-30358
value: HIGH

Trust: 0.6

IVD: e3eb32bf-24d2-4b8f-95ce-a6239514b195
value: HIGH

Trust: 0.2

CNVD: CNVD-2019-30358
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e3eb32bf-24d2-4b8f-95ce-a6239514b195
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: e3eb32bf-24d2-4b8f-95ce-a6239514b195 // CNVD: CNVD-2019-30358

TYPE

Code injection

Trust: 0.2

sources: IVD: e3eb32bf-24d2-4b8f-95ce-a6239514b195

PATCH

title:ABB zenon Editor has dll hijacking vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/177347

Trust: 0.6

sources: CNVD: CNVD-2019-30358

EXTERNAL IDS

db:CNVDid:CNVD-2019-30358

Trust: 0.8

db:IVDid:E3EB32BF-24D2-4B8F-95CE-A6239514B195

Trust: 0.2

sources: IVD: e3eb32bf-24d2-4b8f-95ce-a6239514b195 // CNVD: CNVD-2019-30358

SOURCES

db:IVDid:e3eb32bf-24d2-4b8f-95ce-a6239514b195
db:CNVDid:CNVD-2019-30358

LAST UPDATE DATE

2022-05-17T01:45:07.032000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-30358date:2019-09-05T00:00:00

SOURCES RELEASE DATE

db:IVDid:e3eb32bf-24d2-4b8f-95ce-a6239514b195date:2019-09-04T00:00:00
db:CNVDid:CNVD-2019-30358date:2019-10-06T00:00:00