Vulnerabilities > ABB
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-05 | CVE-2024-51551 | Use of Hard-coded Credentials vulnerability in ABB products Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02 | 10.0 |
| 2024-12-05 | CVE-2024-51554 | Off-by-one Error vulnerability in ABB products Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.8 |
| 2024-12-05 | CVE-2024-6515 | Unspecified vulnerability in ABB products Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 8.1 |
| 2024-12-05 | CVE-2024-6516 | Unspecified vulnerability in ABB products Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 6.1 |
| 2024-12-05 | CVE-2024-6784 | Server-Side Request Forgery (SSRF) vulnerability in ABB products Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | 9.9 |
| 2024-07-15 | CVE-2024-5402 | Unspecified vulnerability in ABB Mint Workbench 5866/5868 Unquoted Search Path or Element vulnerability in ABB Mint Workbench. A local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service. This issue affects Mint Workbench I versions: from 5866 before 5868. | 7.8 |
| 2024-07-05 | CVE-2024-6209 | Unspecified vulnerability in ABB products Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to access files unauthorized | 7.5 |
| 2024-07-05 | CVE-2024-6298 | Improper Validation of Specified Type of Input vulnerability in ABB products Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to execute arbitrary code remotely | 9.8 |
| 2024-06-05 | CVE-2024-4008 | Unspecified vulnerability in ABB products FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to take control via access to local KNX Bus-System low complexity abb | 8.8 |
| 2024-06-05 | CVE-2024-4009 | Authentication Bypass by Capture-replay vulnerability in ABB products Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System | 7.8 |