CVE-2022-34837 MEDIUM

CVE-2022-34837: ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control

Vendor Abb
Product ABB Zenon
Weakness CWE-257
Published August 24, 2022
Last update September 17, 2024

CVSS base score

6.2/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

What the vulnerability does

01Description

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various activities of the Zenon.

Key dates

02Disclosure timeline

August 24, 2022 CVE published
September 17, 2024 Record updated