CVE-2023-0580

MEDIUM

ABB My Control System <5.1 - Info Disclosure

Title source: llm

Description

Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise) allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System (on-premise) application, the following ones are affected by this vulnerability: User Interface System Monitoring1 Asset Inventory This issue affects My Control System (on-premise): from 5.0;0 through 5.13.

References (1)

[Vendor Advisory] https://search.abb.com/library/Download.aspx?DocumentID=7PAA007893&LanguageCode=en&DocumentPartId=&Action=Launch

Scores

CVSS v3 5.4

EPSS 0.0040

EPSS Percentile 60.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-922

Status published

Products (1)

abb/my_control_system 5.0 - 5.13

Published Apr 06, 2023

Tracked Since Feb 18, 2026