CVE-2023-2625 Information

Description

A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4 having any level of access VIEWER to ADMIN. To exploit the vulnerability the attacker can inject shell commands through a particular field of the web user interface that will be executed by the system.

Reference

https://search.abb.com/library/Download.aspx?DocumentID=8DBD000163&LanguageCode=en&DocumentPartId=&Action=Launch