CVE-2023-3322 - OpenCVE

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts. This issue affects ABB Ability™ zenon: from 11 build through 11 build 106404.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Abb	Zenon

Configuration 1 [-]

cpe:2.3:a:abb:zenon:*:*:*:*:*:*:*:*

References

Link	Resource
https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590	Mitigation Technical Description Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: ABB

Published: 2023-07-24T17:12:37.224Z

Updated: 2023-07-24T17:12:37.224Z

Reserved: 2023-06-19T15:47:19.574Z

Link: CVE-2023-3322

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-07-24T18:15:23.543

Modified: 2023-08-01T21:00:26.463

Link: CVE-2023-3322

JSON object: View

Redhat Information

No data.

CWE

CWE-732

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-3322", "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "state": "PUBLISHED", "assignerShortName": "ABB", "dateReserved": "2023-06-19T15:47:19.574Z", "datePublished": "2023-07-24T17:12:37.224Z", "dateUpdated": "2023-07-24T17:12:37.224Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ABB Ability\u2122 zenon", "vendor": "ABB", "versions": [{"lessThanOrEqual": "11 build 106404", "status": "affected", "version": "11 build ", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "ABB thanks Noam Moshe of Claroty Research - Team82, for helping to identify the vulnerabilities and protecting our customers."}], "datePublic": "2023-07-23T18:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\nA vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted\nprograms to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.<br><p>This issue affects ABB Ability\u2122 zenon: from 11 build through 11 build 106404.</p>\n\n"}], "value": "\nA vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted\nprograms to exploit the vulnerabilities by allowing them to run on the zenon installed hosts.\nThis issue affects ABB Ability\u2122 zenon: from 11 build through 11 build 106404.\n\n\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9", "shortName": "ABB", "dateUpdated": "2023-07-24T17:12:37.224Z"}, "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001801&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.194142766.2067879716.1690216773-1911411808.1686627590"}], "source": {"discovery": "UNKNOWN"}, "title": " Code Execution through overwriting service executable in utilities directory", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n\n\nABB recommends the following workarounds. Although these workarounds will not correct the underlying vulnerability, they block the known attack vectors.\n\u2022 For CVE-2023-3322, Recommended practices include that process control systems are physically protected,\nhave no direct connections to the Internet, and are separated from other networks by\nmeans of a firewall system that has a minimal number of ports exposed. Remove the default directory permissions for \u2018Everyone\u2019 on the service grid, ABB utilities, and zenon_Projects directories and provide access only to specific users that are\nexpected to access zenon. Install the IIoT services, which is, the Service grid component on a separate system. Secure the ZEE600 related executable files in \u2018C:\\ProgramData\\ABB\\ABBUtilities\u2019 directory by removing the group named \u201cEveryone\u201d. Ensure the group name \u201cEveryone\u201d should be removed from the following directory.\n\u2018C:\\ProgramData\\ABB\u2019. Secure zenon_Projects directory by managing the access permissions. The project directory should have access only for the user group (Excluding administrator) which has\nthe users to use zenon projects. Consider the following example:\n\nExample: A user group named \u2018zenonOwnersGroup\u2019 to be created and it is the only\ngroup that has write access to the zenon_ Projects directory. If the system has 2 users\nsuch as test1(Part of zenonOwnersGroup ) and test2 (not in zenonOwnersGroup ). The\nproject directory (C:\\Users\\Public\\Documents\\zenon_Projects) should have write access only for the zenonOwnersGroup and for no one else. Now, test1 should have write\naccess the zenon_Project directory and test2 should not.\n\n\n\n\n<br>\n\n<br>"}], "value": "\n\n\nABB recommends the following workarounds. Although these workarounds will not correct the underlying vulnerability, they block the known attack vectors.\n\u2022 For CVE-2023-3322, Recommended practices include that process control systems are physically protected,\nhave no direct connections to the Internet, and are separated from other networks by\nmeans of a firewall system that has a minimal number of ports exposed. Remove the default directory permissions for \u2018Everyone\u2019 on the service grid, ABB utilities, and zenon_Projects directories and provide access only to specific users that are\nexpected to access zenon. Install the IIoT services, which is, the Service grid component on a separate system. Secure the ZEE600 related executable files in \u2018C:\\ProgramData\\ABB\\ABBUtilities\u2019 directory by removing the group named \u201cEveryone\u201d. Ensure the group name \u201cEveryone\u201d should be removed from the following directory.\n\u2018C:\\ProgramData\\ABB\u2019. Secure zenon_Projects directory by managing the access permissions. The project directory should have access only for the user group (Excluding administrator) which has\nthe users to use zenon projects. Consider the following example:\n\nExample: A user group named \u2018zenonOwnersGroup\u2019 to be created and it is the only\ngroup that has write access to the zenon_ Projects directory. If the system has 2 users\nsuch as test1(Part of zenonOwnersGroup ) and test2 (not in zenonOwnersGroup ). The\nproject directory (C:\\Users\\Public\\Documents\\zenon_Projects) should have write access only for the zenonOwnersGroup and for no one else. Now, test1 should have write\naccess the zenon_Project directory and test2 should not.\n\n\n\n\n\n\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}