CVE-2023-52169 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-52169 PUBLISHED CVSS 8.199999809265137 HIGH

The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a filename listed in the file system image.

EPSS 0.25% · 47.6th percentile

Risk Scores

CVSS v3.1

8.199999809265137

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:F/RL:O/RC:C

EPSS Score

0.25%

47.6th percentile

Affected Products

Vendor	Product	Versions
ABB	ABB 800xA for AC 870P Melody <=6.2
ABB	ABB Batch Management <=6.2
ABB	ABB 800xA for Symphony Plus Harmony <=6.2
ABB	ABB 800xA History <=7.0
ABB	ABB Production Response Batch History <=6.2
ABB	ABB Application Change Management <=6.2

Timeline

Jul 3, 2024 CVE Published
Jul 4, 2024 EPSS Score
Jul 26, 2024 EPSS Score
Aug 16, 2024 EPSS Score
Sep 7, 2024 EPSS Score
Sep 29, 2024 EPSS Score
Oct 5, 2024 Coalition ESS Score
Oct 20, 2024 EPSS Score
Nov 11, 2024 EPSS Score
Dec 4, 2024 EPSS Score
Dec 25, 2024 EPSS Score
Jan 16, 2025 EPSS Score

References

https://psirt.abb.com/csaf/2026/7paa023732.json advisory
https://search.abb.com/library/Download.aspx?DocumentID=7PAA023732&LanguageCode=en&DocumentPartId=&Action=Launch advisory
https://library.abb.com/d/3BDS011222D7000 advisory
https://library.abb.com/d/3BSE034463D7000 advisory
https://library.abb.com/d/3BSE037410D7000 advisory
https://library.abb.com/d/3BSE080520D7000 advisory
https://nvd.nist.gov/vuln/detail/CVE-2023-52169 advisory

Open in Interactive Console →