VDB
CVE-2023-7104
CVE-2023-7104
PUBLISHED
CVSS 7.300000190734863 HIGH
A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow.
EPSS 0.13% · 32.4th percentile
Risk Scores
CVSS 3.1
7.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
EPSS Score
0.13%
32.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | ABB B&R Automation Studio <6.5 | |
| ABB | B&R Industrial Automation GmbH Automation Studio <6.5 | |
| ABB | ABB Ability Camera Connect <=2.0.0.42 |
Exploit Intelligence
- https://sqlite.org/forum/forumpost/5bcbf4571c (nist-nvd)
- traffic_cve_webshell.yar (github-yara)
- traffic_cve_webshell.yar (github-yara)
- traffic_cve_webshell.yar (github-yara)
- traffic_cve_webshell.yar (github-yara)
- traffic_cve_webshell.yar (github-yara)
- traffic_cve_webshell.yar (github-yara)
- traffic_cve_webshell.yar (github-yara)
- traffic_cve_webshell.yar (github-yara)
- traffic_cve_webshell.yar (github-yara)
…and 27 more exploits
Timeline
- Dec 25, 2023 CVE Published
- Dec 26, 2023 EPSS Score
- Jan 24, 2024 EPSS Score
- Feb 22, 2024 EPSS Score
- Apr 19, 2024 EPSS Score
- May 18, 2024 EPSS Score
- Jun 16, 2024 EPSS Score
- Jul 3, 2024 PoC Published
- Jul 15, 2024 EPSS Score
- Aug 12, 2024 EPSS Score
- Oct 5, 2024 Coalition ESS Score
- Oct 9, 2024 EPSS Score
References
- https://psirt.abb.com/csaf/2026/sa25p007.json advisory
- https://www.br-automation.com/fileadmin/SA25P007-097a386d.pdf advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-7104 advisory
- https://psirt.abb.com/csaf/2026/4hzm000604.json advisory
- https://search.abb.com/library/Download.aspx?DocumentID=4HZM000604&LanguageCode=en&DocumentPartId=PDF&Action=Launch advisory