Score: 8.6 | CWE-839

CVE-2023-0425: Buffer overflow in global memory region

First published: Mon Aug 07 2023

ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make the product inaccessible.

Numeric Range Comparison Without Minimum Check vulnerability in ABB Freelance controllers AC 700F (controller modules) and ABB Freelance controllers AC 900F (controller modules).

This issue affects:

  • Freelance controllers AC 700F: from 9.0.0 through V9.2 SP2, through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1.

  • Freelance controllers AC 900F: Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1.

Credit: cybersecurity@ch.abb.com

Affected Software        Affected Version
Abb Ac700f Firmware      >=9.0.0 <9.2.0
Abb Ac700f Firmware      =9.2.0
Abb Ac700f Firmware      =9.2.0-sp1
Abb Ac700f
Abb Freelance 2013
Abb Freelance 2013       =sp1
Abb Freelance 2016
Abb Freelance 2016       =sp1
Abb Freelance 2019
Abb Freelance 2019       =sp1
Abb Freelance 2019       =sp1_fp1
Abb Ac900f


Frequently Asked Questions

  • What is CVE-2023-0425?

    CVE-2023-0425 is a high-severity vulnerability affecting ABB products.

  • How does CVE-2023-0425 affect ABB products?

    CVE-2023-0425 can cause the affected ABB products to stop or become unresponsive.

  • Which ABB products are affected by CVE-2023-0425?

    ABB AC700F Firmware versions 9.0.0 to 9.2.0, ABB Freelance 2013, ABB Freelance 2016, and ABB Freelance 2019 are affected by CVE-2023-0425.

  • What is the severity of CVE-2023-0425?

    CVE-2023-0425 has a severity rating of 7.5 (High).

  • How can I fix CVE-2023-0425?

    ABB has released an update that resolves the vulnerabilities associated with CVE-2023-0425. Please refer to the ABB security advisory for more information.
