ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control
CVE-2022-34838

8.1HIGH

Key Information:

Vendor: Abb
Status: Abb Zenon
Vendor: CVE Published:; 24 August 2022

What is CVE-2022-34838?

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user.

Affected Version(s)

ABB Zenon <= 8.20

References

https://search.abb.com/library/Download.aspx?DocumentID=2...

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Aug 24, 2022
Vulnerability Reserved
Jun 30, 2022

Credit

ABB thanks Ruben Santamarta for helping to identify the vulnerabilities and protecting our customers

Abb

What is CVE-2022-34838?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit