What is CVE-2023-1258?

CVE-2023-1258 is a vulnerability that allows the exposure of sensitive information to an unauthorized actor in ABB Flow-X firmware on Flow-X embedded hardware (web service modules).

Which software versions are affected by CVE-2023-1258?

CVE-2023-1258 affects Flow-X firmware versions before 4.0.

What is the severity of CVE-2023-1258?

CVE-2023-1258 has a severity rating of 5.3, which is considered medium.

How does CVE-2023-1258 vulnerability allow Footprinting?

CVE-2023-1258 vulnerability in ABB Flow-X firmware allows an unauthorized actor to conduct Footprinting, which involves gathering information about a target system.

How can I fix CVE-2023-1258 vulnerability?

To fix CVE-2023-1258 vulnerability, it is recommended to update to Flow-X firmware version 4.0 or later.

Vulnerability/
CVE-2023-1258

Exploited

medium

5.3

CWE

200

31/3/2023

2/8/2024

CVE-2023-1258: Flow-X disclosure of sensitive information to unauthenticated users

First published: Fri Mar 31 2023(Updated: )

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware (web service modules) allows Footprinting.This issue affects Flow-X: before 4.0.

Credit: Paul Smith cybersecurity@ch.abb.com cybersecurity@ch.abb.com

Affected Software	Affected Version	How to fix
Abb Flow-x\/m Firmware	<=3.2.6
Abb Flow-x\/m
Abb Flow-x\/c Firmware	<=3.2.6
Abb Flow-x\/c
Abb Flow-x\/k Firmware	<=3.2.6
Abb Flow-x\/k
Abb Flow-x\/s Firmware	<=3.2.6
Abb Flow-x\/s
Abb Flow-x\/p Firmware	<=3.2.6
Abb Flow-x\/p
Abb Flow-x R Firmware	<=3.2.6
Abb Flow-x R
Abb Flow-x\/t Firmware	<=3.2.6
Abb Flow-x\/t
Abb Flow-x\/web Firmware	<=3.2.6
Abb Flow-x\/web

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2023-1258?
CVE-2023-1258 is a vulnerability that allows the exposure of sensitive information to an unauthorized actor in ABB Flow-X firmware on Flow-X embedded hardware (web service modules).
Which software versions are affected by CVE-2023-1258?
CVE-2023-1258 affects Flow-X firmware versions before 4.0.
What is the severity of CVE-2023-1258?
CVE-2023-1258 has a severity rating of 5.3, which is considered medium.
How does CVE-2023-1258 vulnerability allow Footprinting?
CVE-2023-1258 vulnerability in ABB Flow-X firmware allows an unauthorized actor to conduct Footprinting, which involves gathering information about a target system.
How can I fix CVE-2023-1258 vulnerability?
To fix CVE-2023-1258 vulnerability, it is recommended to update to Flow-X firmware version 4.0 or later.

exploited/true
collector/exploitdb-recent
alias/CVE-2023-1258
collector/nvd-api
collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/references
agent/title
agent/last-modified-date
agent/severity
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/abb
canonical/abb flow-x\/m firmware
version/abb flow-x\/m firmware/3.2.6
canonical/abb flow-x\/m
canonical/abb flow-x\/c firmware
version/abb flow-x\/c firmware/3.2.6
canonical/abb flow-x\/c
canonical/abb flow-x\/k firmware
version/abb flow-x\/k firmware/3.2.6
canonical/abb flow-x\/k
canonical/abb flow-x\/s firmware
version/abb flow-x\/s firmware/3.2.6
canonical/abb flow-x\/s
canonical/abb flow-x\/p firmware
version/abb flow-x\/p firmware/3.2.6
canonical/abb flow-x\/p
canonical/abb flow-x r firmware
version/abb flow-x r firmware/3.2.6
canonical/abb flow-x r
canonical/abb flow-x\/t firmware
version/abb flow-x\/t firmware/3.2.6
canonical/abb flow-x\/t
canonical/abb flow-x\/web firmware
version/abb flow-x\/web firmware/3.2.6
canonical/abb flow-x\/web