Vulnerabilities > CVE-2023-0426 - Stack-based Buffer Overflow vulnerability in ABB products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

abb

CWE-121

NVD

Published: 2023-08-07

Updated: 2023-08-14

Summary

ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make the product inaccessible. Stack-based Buffer Overflow vulnerability in ABB Freelance controllers AC 700F (conroller modules), ABB Freelance controllers AC 900F (controller modules).This issue affects: Freelance controllers AC 700F: from 9.0;0 through V9.2 SP2, through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019 , through Freelance 2019 SP1, through Freelance 2019 SP1 FP1; Freelance controllers AC 900F: through Freelance 2013, through Freelance 2013SP1, through Freelance 2016, through Freelance 2016SP1, through Freelance 2019, through Freelance 2019 SP1, through Freelance 2019 SP1 FP1.

Vulnerable Configurations

Part	Description	Count
OS	Abb ABB Ac700F Firmware * ABB Ac700F Firmware 9.2.0 ABB Freelance 2013 - ABB Freelance 2016 - ABB Freelance 2019 -	10
Hardware	Abb ABB Ac700F - ABB Ac900F -	2

Common Weakness Enumeration (CWE)

CWE-121 - Stack-based Buffer Overflow

References

https://search.abb.com/library/Download.aspx?DocumentID=7PAA007517&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.68514131.339223974.1691382343-1911411808.1686627590