Vulnerabilities > ABB
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-05 | CVE-2024-4009 | Authentication Bypass by Capture-replay vulnerability in ABB products Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System | 7.8 |
| 2023-08-07 | CVE-2023-0425 | Unspecified vulnerability in ABB products ABB is aware of vulnerabilities in the product versions listed below. | 7.5 |
| 2023-08-07 | CVE-2023-0426 | Unspecified vulnerability in ABB products ABB is aware of vulnerabilities in the product versions listed below. | 7.5 |
| 2023-07-28 | CVE-2023-2685 | Unspecified vulnerability in ABB Ao-Opc 1.0.0/3.2.1 A vulnerability was found in AO-OPC server versions mentioned above. | 6.3 |
| 2023-07-24 | CVE-2023-3321 | Unspecified vulnerability in ABB Zenon A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. | 8.8 |
| 2023-07-24 | CVE-2023-3322 | Unspecified vulnerability in ABB Zenon A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. | 8.1 |
| 2023-07-24 | CVE-2023-3323 | Unspecified vulnerability in ABB Zenon A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. | 5.4 |
| 2023-07-24 | CVE-2023-3324 | Unspecified vulnerability in ABB Zenon A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. | 7.5 |
| 2023-06-28 | CVE-2023-2625 | OS Command Injection vulnerability in ABB Txpert HUB Coretec 4 Firmware A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. | 8.0 |
| 2023-06-13 | CVE-2023-2876 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB products Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).This issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1. | 6.1 |