CVE-2023-0580

Summary

Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise) allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System (on-premise) application, the following ones are affected by this vulnerability: User Interface System Monitoring1 Asset Inventory

This issue affects My Control System (on-premise): from 5.0;0 through 5.13.

Affected Software

VendorProductVersion RangeStatus
ABBMy Control System (on-premise)5.0;0 <= 5.13affected

Weaknesses

  • CWE-922: CWE-922 Insecure Storage of Sensitive Information

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References