CVE-2022-34838 HIGH

CVE-2022-34838: ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control

Vendor Abb
Product ABB Zenon
Weakness CWE-257
Published August 24, 2022
Last update September 17, 2024

CVSS base score

8.1/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user.

Key dates

02Disclosure timeline

August 24, 2022 CVE published
September 17, 2024 Record updated