Vulnerabilities > ABB

DATE CVE VULNERABILITY TITLE RISK
2023-07-24 CVE-2023-3323 Unspecified vulnerability in ABB Zenon
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system.
network
low complexity
abb
5.4
2023-07-24 CVE-2023-3324 Unspecified vulnerability in ABB Zenon
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system.
network
high complexity
abb
7.5
2023-06-28 CVE-2023-2625 OS Command Injection vulnerability in ABB Txpert HUB Coretec 4 Firmware
A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN.
low complexity
abb CWE-78
8.0
2023-06-13 CVE-2023-2876 Incorrect Permission Assignment for Critical Resource vulnerability in ABB products
Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).This issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.
network
low complexity
abb CWE-732
6.1
2023-06-05 CVE-2023-0635 Unspecified vulnerability in ABB products
Improper Privilege Management vulnerability in ABB Ltd.
network
low complexity
abb
critical
9.8
2023-06-05 CVE-2023-0636 Unspecified vulnerability in ABB products
Improper Input Validation vulnerability in ABB Ltd.
network
low complexity
abb
critical
9.8
2023-05-22 CVE-2022-0010 Information Exposure Through Log Files vulnerability in ABB products
Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools. An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account.
local
low complexity
abb CWE-532
5.5
2023-05-17 CVE-2023-0863 Improper Authentication vulnerability in ABB products
Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.
low complexity
abb CWE-287
8.8
2023-05-17 CVE-2023-0864 Cleartext Transmission of Sensitive Information vulnerability in ABB products
Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.
low complexity
abb CWE-319
4.3
2023-04-06 CVE-2023-0580 Insecure Storage of Sensitive Information vulnerability in ABB MY Control System 5.0/5.13
Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise) allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System (on-premise) application, the following ones are affected by this vulnerability: User Interface System Monitoring1 Asset Inventory This issue affects My Control System (on-premise): from 5.0;0 through 5.13.
network
low complexity
abb CWE-922
critical
9.8