Description
Relative Path Traversal vulnerability in ABB Zenon 8.20 allows the user to access files on the Zenon system and user also can add own log messages and e.g., flood the log entries. An attacker who successfully exploit the vulnerability could access the Zenon runtime activities such as the start and stop of various activity and the last error code etc.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://search.abb.com/library/Download.aspx?DocumentID=2NGA001479&LanguageCode=en&DocumentPartId=&Action=Launch
Scores
CVSS v3
5.9
EPSS
0.0053
EPSS Percentile
67.4%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Details
CWE
CWE-22
CWE-23
Status
published
Products (1)
abb/zenon
< 8.20
Published
Aug 24, 2022
Tracked Since
Feb 18, 2026