CVE-2023-3322: Code Execution through overwriting service executable in utilities directory
First published: Mon Jul 24 2023(Updated: )
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.
Credit: cybersecurity@ch.abb.com cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ABB Zenon | <=11.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-3322?
CVE-2023-3322 is a vulnerability that allows low-privileged users to read and update data in various directories used by the Zenon system.
What is the severity of CVE-2023-3322?
CVE-2023-3322 has a severity value of 8.1, which is categorized as high.
Which software is affected by CVE-2023-3322?
The ABB Zenon software up to version 11.0.0 is affected by CVE-2023-3322.
How can CVE-2023-3322 be exploited?
CVE-2023-3322 can be exploited by using specially crafted programs to run on the Zenon installed hosts.
Is there a fix for CVE-2023-3322?
To fix CVE-2023-3322, it is recommended to update the ABB Zenon software to a version beyond 11.0.0.
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-latest
- agent/references
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/severity
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/abb
- canonical/abb zenon
- version/abb zenon/11.0.0