Sign-up

ID

VAR-202307-2024


CVE

CVE-2023-3321


TITLE

ABB Abilit zenon Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202307-1961

DESCRIPTION

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.

Trust: 1.0

sources: NVD: CVE-2023-3321

AFFECTED PRODUCTS

vendor:abbmodel:zenonscope:lteversion:11.0.0

Trust: 1.0

sources: NVD: CVE-2023-3321

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-3321
value: HIGH

Trust: 1.0

cybersecurity@ch.abb.com: CVE-2023-3321
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2023-3321
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

cybersecurity@ch.abb.com: CVE-2023-3321
baseSeverity: HIGH
baseScore: 7.0
vectorString: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.0
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2023-3321 // NVD: CVE-2023-3321

PROBLEMTYPE DATA

problemtype:CWE-15

Trust: 1.0

sources: NVD: CVE-2023-3321

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202307-1961

EXTERNAL IDS

db:NVDid:CVE-2023-3321

Trust: 1.6

db:CNNVDid:CNNVD-202307-1961

Trust: 0.6

sources: CNNVD: CNNVD-202307-1961 // NVD: CVE-2023-3321

REFERENCES

url:https://search.abb.com/library/download.aspx?documentid=2nga001801&languagecode=en&documentpartid=&action=launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590

Trust: 1.6

url:https://cxsecurity.com/cveshow/cve-2023-3321/

Trust: 0.6

sources: CNNVD: CNNVD-202307-1961 // NVD: CVE-2023-3321

SOURCES

db:CNNVDid:CNNVD-202307-1961
db:NVDid:CVE-2023-3321

LAST UPDATE DATE

2024-08-14T14:17:02.205000+00:00


SOURCES UPDATE DATE

db:CNNVDid:CNNVD-202307-1961date:2023-07-25T00:00:00
db:NVDid:CVE-2023-3321date:2023-08-02T13:30:17.170

SOURCES RELEASE DATE

db:CNNVDid:CNNVD-202307-1961date:2023-07-24T00:00:00
db:NVDid:CVE-2023-3321date:2023-07-24T18:15:23.453