CVE-2023-0635

EUVD-2023-12669
Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG100103R1021, 2CQG100104R1021, 2CQG100105R1021, 2CQG100106R1021 modules) allows Privilege Escalation.This issue affects ASPECT®-Enterprise: from 3.0;0 before 3.07.01; NEXUS Series: from 3.0;0 before 3.07.01; MATRIX Series: from 3.0;0 before 3.07.01.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ABBCNA
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
abbaspect-ent-2_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbaspect-ent-12_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbaspect-ent-256_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbaspect-ent-96_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbnexus-2128_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbnexus-2128-a_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbnexus-2128-g_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbnexus-2128-f_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbnexus-3-2128_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbnexus-3-264_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbnexus-264_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbnexus-264-a_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbnexus-264-g_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbnexus-264-f_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbmatrix-216_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbmatrix-232_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbmatrix-296_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbmatrix-264_firmware
3.0.0 ≤
𝑥
< 3.07.01
abbmatrix-11_firmware
3.0.0 ≤
𝑥
< 3.07.01
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://search.abb.com/library/Download.aspx?DocumentID=2CKA000073B5403&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=2CKA000073B5403&LanguageCode=en&DocumentPartId=&Action=Launch