CVE-2022-34838: ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control
First published: Wed Aug 24 2022(Updated: )
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user.
Credit: cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ABB Zenon | <=8.20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-34838?
CVE-2022-34838 is a vulnerability in ABB Zenon 8.20 that allows an attacker to add or alter data points and corresponding attributes by exploiting the vulnerability of storing passwords in a recoverable format.
How severe is CVE-2022-34838?
CVE-2022-34838 has a severity score of 8.4, indicating a high severity.
Which software is affected by CVE-2022-34838?
ABB Zenon version 8.20 is affected by CVE-2022-34838.
How can an attacker exploit CVE-2022-34838?
An attacker can successfully exploit CVE-2022-34838 by exploiting the vulnerability of storing passwords in a recoverable format in ABB Zenon 8.20.
Is there a fix for CVE-2022-34838?
Please refer to the official ABB Zenon documentation or contact ABB for instructions on how to fix the CVE-2022-34838 vulnerability.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/author
- agent/last-modified-date
- agent/severity
- agent/references
- agent/tags
- agent/event
- agent/description
- agent/first-publish-date
- vendor/abb
- canonical/abb zenon
- version/abb zenon/8.20