CVE-2023-0426: Stack overflow in filename or in boundary
First published: Mon Aug 07 2023(Updated: )
ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make the product inaccessible. Stack-based Buffer Overflow vulnerability in ABB Freelance controllers AC 700F (conroller modules), ABB Freelance controllers AC 900F (controller modules).This issue affects: Freelance controllers AC 700F: from 9.0;0 through V9.2 SP2, through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019 , through Freelance 2019 SP1, through Freelance 2019 SP1 FP1; Freelance controllers AC 900F: through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1.
Credit: cybersecurity@ch.abb.com cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Abb Ac700f Firmware | >=9.0.0<9.2.0 | |
| Abb Ac700f Firmware | =9.2.0 | |
| Abb Ac700f Firmware | =9.2.0-sp1 | |
| Abb Ac700f | ||
| Abb Freelance 2013 | ||
| Abb Freelance 2013 | =sp1 | |
| Abb Freelance 2016 | ||
| Abb Freelance 2016 | =sp1 | |
| Abb Freelance 2019 | ||
| Abb Freelance 2019 | =sp1 | |
| Abb Freelance 2019 | =sp1_fp1 | |
| Abb Ac900f |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-0426?
CVE-2023-0426 is a vulnerability that affects ABB products and could allow an attacker to stop or disrupt the product.
Which ABB products are affected by CVE-2023-0426?
The ABB products affected by CVE-2023-0426 include ABB AC700F Firmware versions 9.0.0 to 9.2.0, ABB Freelance 2013, ABB Freelance 2016, and ABB Freelance 2019.
What is the severity of CVE-2023-0426?
The severity of CVE-2023-0426 is high, with a CVSS score of 7.5.
Is there a fix available for CVE-2023-0426?
Yes, there is an update available that resolves the vulnerabilities associated with CVE-2023-0426 in the product versions under maintenance.
Where can I find more information about CVE-2023-0426?
You can find more information about CVE-2023-0426 [here](https://search.abb.com/library/Download.aspx?DocumentID=7PAA007517&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.68514131.339223974.1691382343-1911411808.1686627590).
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/title
- agent/severity
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/abb
- canonical/abb ac700f firmware
- version/abb ac700f firmware/9.0.0
- version/abb ac700f firmware/9.2.0
- version/abb ac700f firmware/9.2.0-sp1
- canonical/abb ac700f
- canonical/abb freelance 2013
- version/abb freelance 2013/sp1
- canonical/abb freelance 2016
- version/abb freelance 2016/sp1
- canonical/abb freelance 2019
- version/abb freelance 2019/sp1
- version/abb freelance 2019/sp1_fp1
- canonical/abb ac900f