7.1

CVE-2023-0864

EPSS 0.04%
Veröffentlicht 17.05.2023 08:15:08
Zuletzt bearbeitet 21.11.2024 07:37:59
Quelle cybersecurity@ch.abb.com
Teams Watchlist Login
Unerledigt Login

Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Abb ≫ Terra Ac Wallbox Ul40 Firmware Version >= 1.0.0 < 1.5.6

Abb ≫ Terra Ac Wallbox Ul40 Version-

Abb ≫ Terra Ac Wallbox 80a Firmware Version >= 1.0.0 < 1.5.6

Abb ≫ Terra Ac Wallbox 80a Version-

Abb ≫ Terra Ac Wallbox Ul32a Firmware Version >= 1.0.0 < 1.6.6

Abb ≫ Terra Ac Wallbox Ul32a Version-

Abb ≫ Terra Ac Wallbox Jp Firmware Version >= 1.0.0 < 1.6.6

Abb ≫ Terra Ac Wallbox Jp Version-

Abb ≫ Terra Ac Wallbox Ce Mid Firmware Version >= 1.0.0 < 1.6.6

Abb ≫ Terra Ac Wallbox Ce Mid Version-

Abb ≫ Terra Ac Wallbox Ce Juno Firmware Version >= 1.0.0 < 1.6.6

Abb ≫ Terra Ac Wallbox Ce Juno Version-

Abb ≫ Terra Ac Wallbox Ce Ptb Firmware Version >= 1.0.0 < 1.5.26

Abb ≫ Terra Ac Wallbox Ce Ptb Version-

Abb ≫ Terra Ac Wallbox Ce Symbiosis Firmware Version >= 1.0.0 < 1.2.8

Abb ≫ Terra Ac Wallbox Ce Symbiosis Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.093

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	2.8	1.4	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cybersecurity@ch.abb.com	7.1	1.2	5.9	CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-0864

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-0864

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-0864

EUVD