CVE-2023-3321 (GCVE-0-2023-3321)
Vulnerability from cvelistv5
Published
2023-07-24 17:06
Modified
2024-10-24 15:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-15 - External Control of System or Configuration Setting
Summary
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted
programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.
This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ABB | ABB Ability™ zenon |
Version: 11 build < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:55:01.093Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.194142766.2067879716.1690216773-1911411808.1686627590"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3321",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T15:59:00.259510Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-24T15:59:10.846Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ABB Ability\u2122 zenon",
"vendor": "ABB",
"versions": [
{
"lessThanOrEqual": "11 build 106404",
"status": "affected",
"version": "11 build ",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ABB thanks Noam Moshe of Claroty Research - Team82, for helping to identify the vulnerabilities and protecting our customers."
}
],
"datePublic": "2023-07-23T18:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nA vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted\nprograms to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.\u003cbr\u003e\u003cp\u003eThis issue affects ABB Ability\u2122 zenon: from 11 build through 11 build 106404.\u003c/p\u003e"
}
],
"value": "\nA vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted\nprograms to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.\nThis issue affects ABB Ability\u2122 zenon: from 11 build through 11 build 106404.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-15",
"description": "CWE-15: External Control of System or Configuration Setting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-24T17:06:31.093Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.194142766.2067879716.1690216773-1911411808.1686627590"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Code Execution through Writable Mosquitto Configuration File",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nABB recommends the following workarounds. Although these workarounds will not correct the underlying vulnerability, they block the known attack vectors.\n\u2022 For CVE-2023-3321, Recommended practices include that process control systems are physically protected,\nhave no direct connections to the Internet, and are separated from other networks by\nmeans of a firewall system that has a minimal number of ports exposed.\u0026nbsp; Remove the default directory permissions for \u2018Everyone\u2019 on the service grid, ABB utilities, and zenon_Projects directories and provide access only to specific users that are\nexpected to access zenon.\u0026nbsp; Install the IIoT services, which is, the Service grid component on a separate system.\u0026nbsp; Secure the ZEE600 related executable files in \u2018C:\\ProgramData\\ABB\\ABBUtilities\u2019 directory by removing the group named \u201cEveryone\u201d.\u0026nbsp; Ensure the group name \u201cEveryone\u201d should be removed from the following directory.\n\u2018C:\\ProgramData\\ABB\u2019.\u0026nbsp; Secure zenon_Projects directory by managing the access permissions. The project directory should have access only for the user group (Excluding administrator) which has\nthe users to use zenon projects. Consider the following example:\n\nExample: A user group named \u2018zenonOwnersGroup\u2019 to be created and it is the only\ngroup that has write access to the zenon_ Projects directory. If the system has 2 users\nsuch as test1(Part of zenonOwnersGroup ) and test2 (not in zenonOwnersGroup ). The\nproject directory (C:\\Users\\Public\\Documents\\zenon_Projects) should have write access only for the zenonOwnersGroup and for no one else. Now, test1 should have write\naccess the zenon_Project directory and test2 should not.\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "\nABB recommends the following workarounds. Although these workarounds will not correct the underlying vulnerability, they block the known attack vectors.\n\u2022 For CVE-2023-3321, Recommended practices include that process control systems are physically protected,\nhave no direct connections to the Internet, and are separated from other networks by\nmeans of a firewall system that has a minimal number of ports exposed.\u00a0 Remove the default directory permissions for \u2018Everyone\u2019 on the service grid, ABB utilities, and zenon_Projects directories and provide access only to specific users that are\nexpected to access zenon.\u00a0 Install the IIoT services, which is, the Service grid component on a separate system.\u00a0 Secure the ZEE600 related executable files in \u2018C:\\ProgramData\\ABB\\ABBUtilities\u2019 directory by removing the group named \u201cEveryone\u201d.\u00a0 Ensure the group name \u201cEveryone\u201d should be removed from the following directory.\n\u2018C:\\ProgramData\\ABB\u2019.\u00a0 Secure zenon_Projects directory by managing the access permissions. The project directory should have access only for the user group (Excluding administrator) which has\nthe users to use zenon projects. Consider the following example:\n\nExample: A user group named \u2018zenonOwnersGroup\u2019 to be created and it is the only\ngroup that has write access to the zenon_ Projects directory. If the system has 2 users\nsuch as test1(Part of zenonOwnersGroup ) and test2 (not in zenonOwnersGroup ). The\nproject directory (C:\\Users\\Public\\Documents\\zenon_Projects) should have write access only for the zenonOwnersGroup and for no one else. Now, test1 should have write\naccess the zenon_Project directory and test2 should not.\n\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2023-3321",
"datePublished": "2023-07-24T17:06:31.093Z",
"dateReserved": "2023-06-19T15:47:17.589Z",
"dateUpdated": "2024-10-24T15:59:10.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-3321\",\"sourceIdentifier\":\"cybersecurity@ch.abb.com\",\"published\":\"2023-07-24T18:15:23.453\",\"lastModified\":\"2024-11-21T08:17:00.517\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\nA vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted\\nprograms to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.\\nThis issue affects ABB Ability\u2122 zenon: from 11 build through 11 build 106404.\\n\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cybersecurity@ch.abb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"cybersecurity@ch.abb.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-15\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:abb:zenon:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"11.0.0\",\"matchCriteriaId\":\"FCBA76C8-16C7-49BF-8D76-CD618F8FC32E\"}]}]}],\"references\":[{\"url\":\"https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.194142766.2067879716.1690216773-1911411808.1686627590\",\"source\":\"cybersecurity@ch.abb.com\",\"tags\":[\"Mitigation\",\"Technical Description\",\"Vendor Advisory\"]},{\"url\":\"https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.194142766.2067879716.1690216773-1911411808.1686627590\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Technical Description\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.194142766.2067879716.1690216773-1911411808.1686627590\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T06:55:01.093Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-3321\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-24T15:59:00.259510Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-24T15:59:07.041Z\"}}], \"cna\": {\"title\": \"Code Execution through Writable Mosquitto Configuration File\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"ABB thanks Noam Moshe of Claroty Research - Team82, for helping to identify the vulnerabilities and protecting our customers.\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ABB\", \"product\": \"ABB Ability\\u2122 zenon\", \"versions\": [{\"status\": \"affected\", \"version\": \"11 build \", \"versionType\": \"custom\", \"lessThanOrEqual\": \"11 build 106404\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2023-07-23T18:30:00.000Z\", \"references\": [{\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.194142766.2067879716.1690216773-1911411808.1686627590\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"\\nABB recommends the following workarounds. Although these workarounds will not correct the underlying vulnerability, they block the known attack vectors.\\n\\u2022 For CVE-2023-3321, Recommended practices include that process control systems are physically protected,\\nhave no direct connections to the Internet, and are separated from other networks by\\nmeans of a firewall system that has a minimal number of ports exposed.\\u00a0 Remove the default directory permissions for \\u2018Everyone\\u2019 on the service grid, ABB utilities, and zenon_Projects directories and provide access only to specific users that are\\nexpected to access zenon.\\u00a0 Install the IIoT services, which is, the Service grid component on a separate system.\\u00a0 Secure the ZEE600 related executable files in \\u2018C:\\\\ProgramData\\\\ABB\\\\ABBUtilities\\u2019 directory by removing the group named \\u201cEveryone\\u201d.\\u00a0 Ensure the group name \\u201cEveryone\\u201d should be removed from the following directory.\\n\\u2018C:\\\\ProgramData\\\\ABB\\u2019.\\u00a0 Secure zenon_Projects directory by managing the access permissions. The project directory should have access only for the user group (Excluding administrator) which has\\nthe users to use zenon projects. Consider the following example:\\n\\nExample: A user group named \\u2018zenonOwnersGroup\\u2019 to be created and it is the only\\ngroup that has write access to the zenon_ Projects directory. If the system has 2 users\\nsuch as test1(Part of zenonOwnersGroup ) and test2 (not in zenonOwnersGroup ). The\\nproject directory (C:\\\\Users\\\\Public\\\\Documents\\\\zenon_Projects) should have write access only for the zenonOwnersGroup and for no one else. Now, test1 should have write\\naccess the zenon_Project directory and test2 should not.\\n\\n\\n\\n\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\nABB recommends the following workarounds. Although these workarounds will not correct the underlying vulnerability, they block the known attack vectors.\\n\\u2022 For CVE-2023-3321, Recommended practices include that process control systems are physically protected,\\nhave no direct connections to the Internet, and are separated from other networks by\\nmeans of a firewall system that has a minimal number of ports exposed.\u0026nbsp; Remove the default directory permissions for \\u2018Everyone\\u2019 on the service grid, ABB utilities, and zenon_Projects directories and provide access only to specific users that are\\nexpected to access zenon.\u0026nbsp; Install the IIoT services, which is, the Service grid component on a separate system.\u0026nbsp; Secure the ZEE600 related executable files in \\u2018C:\\\\ProgramData\\\\ABB\\\\ABBUtilities\\u2019 directory by removing the group named \\u201cEveryone\\u201d.\u0026nbsp; Ensure the group name \\u201cEveryone\\u201d should be removed from the following directory.\\n\\u2018C:\\\\ProgramData\\\\ABB\\u2019.\u0026nbsp; Secure zenon_Projects directory by managing the access permissions. The project directory should have access only for the user group (Excluding administrator) which has\\nthe users to use zenon projects. Consider the following example:\\n\\nExample: A user group named \\u2018zenonOwnersGroup\\u2019 to be created and it is the only\\ngroup that has write access to the zenon_ Projects directory. If the system has 2 users\\nsuch as test1(Part of zenonOwnersGroup ) and test2 (not in zenonOwnersGroup ). The\\nproject directory (C:\\\\Users\\\\Public\\\\Documents\\\\zenon_Projects) should have write access only for the zenonOwnersGroup and for no one else. Now, test1 should have write\\naccess the zenon_Project directory and test2 should not.\\n\\n\\n\\n\\n\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"\\nA vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted\\nprograms to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.\\nThis issue affects ABB Ability\\u2122 zenon: from 11 build through 11 build 106404.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\\nA vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted\\nprograms to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.\u003cbr\u003e\u003cp\u003eThis issue affects ABB Ability\\u2122 zenon: from 11 build through 11 build 106404.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-15\", \"description\": \"CWE-15: External Control of System or Configuration Setting\"}]}], \"providerMetadata\": {\"orgId\": \"2b718523-d88f-4f37-9bbd-300c20644bf9\", \"shortName\": \"ABB\", \"dateUpdated\": \"2023-07-24T17:06:31.093Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-3321\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-24T15:59:10.846Z\", \"dateReserved\": \"2023-06-19T15:47:17.589Z\", \"assignerOrgId\": \"2b718523-d88f-4f37-9bbd-300c20644bf9\", \"datePublished\": \"2023-07-24T17:06:31.093Z\", \"assignerShortName\": \"ABB\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…