CVE-2023-3322

Name of the Vulnerable Software and Affected Versions ABB Ability zenon versions 11 build through 11 build 106404

Description A vulnerability exists in the zenon system, allowing low-privileged users to read and update data in various directories. This issue can be exploited by attackers using specially crafted programs to run on hosts with zenon installed, potentially allowing them to execute arbitrary code. The vulnerability is related to incorrect permission assignment for a critical resource.

Recommendations For versions 11 build through 11 build 106404, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to critical directories and resources used by the zenon system to minimize the risk of exploitation. Avoid allowing low-privileged users to run specially crafted programs on hosts with zenon installed until the issue is resolved.