VDB
CVE-2023-40481
CVE-2023-40481
PUBLISHED
CVSS 7.800000190734863 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
EPSS 10.81% · 93.5th percentile
Risk Scores
CVSS 3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
EPSS Score
10.81%
93.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | ABB 800xA History <=7.0 | |
| ABB | ABB 800xA for Symphony Plus Harmony <=6.2 | |
| ABB | ABB Production Response Batch History <=6.2 | |
| ABB | ABB Application Change Management <=6.2 | |
| ABB | ABB 800xA for AC 870P Melody <=6.2 | |
| ABB | ABB Batch Management <=6.2 |
Exploit Intelligence
- ZDI-23-1164 (circl)
- vendor-provided URL (circl)
- zigpos-zimt-grype.html (github-poc)
- zigpos-zimt-grype.html (github-poc)
- zigpos-zimt-grype.html (github-poc)
- zigpos-zimt-grype.html (github-poc)
- zigpos-zimt-grype.html (github-poc)
- zigpos-zimt-grype.html (github-poc)
- zigpos-zimt-grype.html (github-poc)
- zigpos-zimt-grype.html (github-poc)
…and 1 more exploits
Timeline
- Aug 27, 2023 CVE Published
- May 3, 2024 EPSS Score
- May 27, 2024 EPSS Score
- Jul 15, 2024 EPSS Score
- Aug 9, 2024 EPSS Score
- Sep 26, 2024 EPSS Score
- Oct 21, 2024 EPSS Score
- Nov 14, 2024 EPSS Score
- Jan 3, 2025 EPSS Score
- Jan 27, 2025 EPSS Score
- Feb 21, 2025 EPSS Score
- Mar 29, 2025 EPSS Score
References
- https://psirt.abb.com/csaf/2026/7paa023732.json advisory
- https://search.abb.com/library/Download.aspx?DocumentID=7PAA023732&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://library.abb.com/d/3BDS011222D7000 advisory
- https://library.abb.com/d/3BSE034463D7000 advisory
- https://library.abb.com/d/3BSE037410D7000 advisory
- https://library.abb.com/d/3BSE080520D7000 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-40481 advisory