First published: Mon Aug 07 2023(Updated: )
ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make the product inaccessible. Numeric Range Comparison Without Minimum Check vulnerability in ABB Freelance controllers AC 700F (Controller modules), ABB Freelance controllers AC 900F (controller modules).This issue affects: Freelance controllers AC 700F: from 9.0;0 through V9.2 SP2, through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1; Freelance controllers AC 900F: Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1.
Credit: cybersecurity@ch.abb.com cybersecurity@ch.abb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Abb Ac700f Firmware | >=9.0.0<9.2.0 | |
Abb Ac700f Firmware | =9.2.0 | |
Abb Ac700f Firmware | =9.2.0-sp1 | |
Abb Ac700f | ||
Abb Freelance 2013 | ||
Abb Freelance 2013 | =sp1 | |
Abb Freelance 2016 | ||
Abb Freelance 2016 | =sp1 | |
Abb Freelance 2019 | ||
Abb Freelance 2019 | =sp1 | |
Abb Freelance 2019 | =sp1_fp1 | |
Abb Ac900f |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-0425 is a high severity vulnerability affecting ABB products.
CVE-2023-0425 can cause the affected ABB products to stop or become unresponsive.
ABB AC700F Firmware versions 9.0.0 to 9.2.0, Abb Freelance 2013, Abb Freelance 2016, and Abb Freelance 2019 are affected by CVE-2023-0425.
CVE-2023-0425 has a severity rating of 7.5 (High).
ABB has released an update that resolves the vulnerabilities associated with CVE-2023-0425. Please refer to the ABB security advisory for more information.