CVE-2023-3323
low-risk
Published 2023-07-24
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.
Do I need to act?
-
0.18% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.9/10
Medium
PHYSICAL
/ HIGH complexity
Affected Products (1)
Zenon
Affected Vendors
21
/ 100
low-risk
Severity
15/34 · Moderate
Exploitability
1/34 · Minimal
Exposure
5/34 · Minimal