CVE-2023-3321: Code Execution through Writable Mosquitto Configuration File
First published: Mon Jul 24 2023(Updated: )
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.
Credit: cybersecurity@ch.abb.com cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ABB Zenon | <=11.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-3321?
CVE-2023-3321 is a vulnerability that allows low-privileged users to read and update data in various directories used by the Zenon system.
How does CVE-2023-3321 affect ABB Zenon?
CVE-2023-3321 affects ABB Zenon version 11.0.0.
What is the severity of CVE-2023-3321?
CVE-2023-3321 has a severity rating of 8.8, which is considered high.
How can an attacker exploit CVE-2023-3321?
An attacker can exploit CVE-2023-3321 by using specially crafted programs to run on the Zenon installed hosts.
Is there a fix for CVE-2023-3321?
Yes, you can find the fix for CVE-2023-3321 in the reference provided: https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-latest
- agent/references
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/severity
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/abb
- canonical/abb zenon
- version/abb zenon/11.0.0