Vulnerabilities > ABB
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-24 | CVE-2022-34838 | Insufficiently Protected Credentials vulnerability in ABB Zenon Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. | 8.4 |
| 2022-07-21 | CVE-2022-0902 | Path Traversal vulnerability in ABB products Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in flow computer and remote controller products of ABB ( RMC-100 (Standard), RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC) allows an attacker who successfully exploited this vulnerability could insert and run arbitrary code in an affected system node. | 9.8 |
| 2022-06-21 | CVE-2022-1596 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB products Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node. | 6.5 |
| 2022-06-15 | CVE-2022-26057 | Improper Privilege Management vulnerability in ABB Mint Workbench 5866 Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31216 | Link Following vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31217 | Link Following vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31218 | Link Following vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31219 | Link Following vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-02 | CVE-2022-28702 | Incorrect Default Permissions vulnerability in ABB E-Design Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine. | 5.5 |
| 2022-06-02 | CVE-2022-29483 | Incorrect Default Permissions vulnerability in ABB E-Design Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine. | 7.8 |