CVE-2023-3324 — MEDIUM (6.3)

Q: How severe is CVE-2023-3324?

CVE-2023-3324 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-3324?

Check the references section above for vendor advisories and patch information. Affected products include: Abb Zenon.

Vulnerability Description

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.

CVSS Score

6.3

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

LOW

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Abb	Zenon	<= 11.0.0

Related Weaknesses (CWE)

CWE-502

References

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=MitigationTechnical DescriptionVendor Advisory
https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=MitigationTechnical DescriptionVendor Advisory

FAQ

What is CVE-2023-3324?

CVE-2023-3324 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially cra...

How severe is CVE-2023-3324?

CVE-2023-3324 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-3324?

Check the references section above for vendor advisories and patch information. Affected products include: Abb Zenon.