Vulnerabilities > ABB > Matrix 232 Firmware > 3.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-05 | CVE-2024-51542 | Files or Directories Accessible to External Parties vulnerability in ABB products Configuration Download vulnerabilities allow access to dependency configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 8.2 |
| 2024-12-05 | CVE-2024-51543 | Unspecified vulnerability in ABB products Information Disclosure vulnerabilities allow access to application configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 7.5 |
| 2024-12-05 | CVE-2024-51544 | External Control of System or Configuration Setting vulnerability in ABB products Service Control vulnerabilities allow access to service restart requests and vm configuration settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 8.2 |
| 2024-12-05 | CVE-2024-51545 | Unspecified vulnerability in ABB products Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.8 |
| 2024-12-05 | CVE-2024-51546 | Improper Validation of Specified Type of Input vulnerability in ABB products Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 7.5 |
| 2024-12-05 | CVE-2024-51548 | Unspecified vulnerability in ABB products Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 8.8 |
| 2024-12-05 | CVE-2024-51549 | Path Traversal vulnerability in ABB products Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.4 |
| 2024-12-05 | CVE-2024-51550 | Unspecified vulnerability in ABB products Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.8 |
| 2024-12-05 | CVE-2024-51551 | Use of Hard-coded Credentials vulnerability in ABB products Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02 | 10.0 |
| 2024-12-05 | CVE-2024-51554 | Off-by-one Error vulnerability in ABB products Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.8 |