Sign-up

ID

VAR-202307-2025


CVE

CVE-2023-3323


TITLE

ABB Abilit zenon Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202307-1955

DESCRIPTION

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.

Trust: 1.0

sources: NVD: CVE-2023-3323

AFFECTED PRODUCTS

vendor:abbmodel:zenonscope:lteversion:11.0.0

Trust: 1.0

sources: NVD: CVE-2023-3323

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-3323
value: MEDIUM

Trust: 1.0

cybersecurity@ch.abb.com: CVE-2023-3323
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2023-3323
baseSeverity: MEDIUM
baseScore: 5.4
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.5
version: 3.1

Trust: 1.0

cybersecurity@ch.abb.com: CVE-2023-3323
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
attackVector: PHYSICAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.4
impactScore: 5.5
version: 3.1

Trust: 1.0

sources: NVD: CVE-2023-3323 // NVD: CVE-2023-3323

PROBLEMTYPE DATA

problemtype:CWE-276

Trust: 1.0

sources: NVD: CVE-2023-3323

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202307-1955

EXTERNAL IDS

db:NVDid:CVE-2023-3323

Trust: 1.6

db:CNNVDid:CNNVD-202307-1955

Trust: 0.6

sources: CNNVD: CNNVD-202307-1955 // NVD: CVE-2023-3323

REFERENCES

url:https://search.abb.com/library/download.aspx?documentid=2nga001801&languagecode=en&documentpartid=&action=launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590

Trust: 1.6

url:https://cxsecurity.com/cveshow/cve-2023-3323/

Trust: 0.6

sources: CNNVD: CNNVD-202307-1955 // NVD: CVE-2023-3323

SOURCES

db:CNNVDid:CNNVD-202307-1955
db:NVDid:CVE-2023-3323

LAST UPDATE DATE

2024-08-14T15:41:40.027000+00:00


SOURCES UPDATE DATE

db:CNNVDid:CNNVD-202307-1955date:2023-07-25T00:00:00
db:NVDid:CVE-2023-3323date:2023-08-01T21:07:23.737

SOURCES RELEASE DATE

db:CNNVDid:CNNVD-202307-1955date:2023-07-24T00:00:00
db:NVDid:CVE-2023-3323date:2023-07-24T18:15:23.627