HIGH🇵🇱 Wersja polska

CVE-2023-0425

CVSS 8.6v3.1pub. 2023-08-07upd. 2024-11-21

ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make the product inaccessible.  Numeric Range Comparison Without Minimum Check vulnerability in ABB Freelance controllers AC 700F (Controller modules), ABB Freelance controllers AC 900F (controller modules).This issue affects: Freelance controllers AC 700F:  from 9.0;0 through V9.2 SP2, through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1;  Freelance controllers AC 900F:  Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
  • Abb Ac700f

    HW
    Abb
    wszystkie wersje
  • Abb Ac700f Firmware

    OS
    Abb
    9.2.09.0.0 – 9.2.0 (bez)
  • Abb Ac900f

    HW
    Abb
    wszystkie wersje
  • Abb Freelance 2013

    OS
    Abb
    wszystkie wersje
  • Abb Freelance 2016

    OS
    Abb
    wszystkie wersje
  • Abb Freelance 2019

    OS
    Abb
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-0426HIGH8.6ten sam produkt

ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves th...

CVE-2024-51547CRITICAL9.3PL ✓ten sam vendor

Zakodowane na stałe dane uwierzytelniające w urządzeniach ABB ASPECT/NEXUS/MATRIX

CVE-2024-48839CRITICAL9.3PL ✓ten sam vendor

RCE poprzez nieprawidłową walidację danych wejściowych w ABB ASPECT/NEXUS/MATRIX

CVE-2024-11317CRITICAL9.3PL ✓ten sam vendor

Session Fixation w ABB ASPECT i NEXUS/MATRIX Series — przejęcie sesji użytkownika

CVE-2024-48840CRITICAL9.3PL ✓ten sam vendor

RCE poprzez nieautoryzowany dostęp w urządzeniach ABB ASPECT/NEXUS/MATRIX

CVE-2023-0425 — Abb — Ac700F — HIGH — CVSS 8.6 | CVEbaza.pl