CVE-2023-0580
Last modified
CVE-2023-0580 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise) allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System (on-premise) application, the following ones are affected by this vulnerability: User Interface System Monitoring1 Asset Inventory This issue affects My Control System (on-premise): from 5.0;0 through 5.13. . EPSS estimates a 0.46% chance of exploitation in the next 30 days.
Description
Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise) allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System (on-premise) application, the following ones are affected by this vulnerability: User Interface System Monitoring1 Asset Inventory This issue affects My Control System (on-premise): from 5.0;0 through 5.13.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Abb | My Control System | >= 5.0, <= 5.13 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-0580?
How severe is CVE-2023-0580?
How do I fix CVE-2023-0580?
Are you affected by CVE-2023-0580?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST