Vulnerabilities > ABB

DATE CVE VULNERABILITY TITLE RISK
2022-08-24 CVE-2022-34838 Insufficiently Protected Credentials vulnerability in ABB Zenon
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes.
local
low complexity
abb CWE-522
8.4
2022-07-21 CVE-2022-0902 Path Traversal vulnerability in ABB products
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in flow computer and remote controller products of ABB ( RMC-100 (Standard), RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC) allows an attacker who successfully exploited this vulnerability could insert and run arbitrary code in an affected system node.
network
low complexity
abb CWE-22
critical
9.8
2022-06-21 CVE-2022-1596 Incorrect Permission Assignment for Critical Resource vulnerability in ABB products
Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node.
network
low complexity
abb CWE-732
6.5
2022-06-15 CVE-2022-26057 Improper Privilege Management vulnerability in ABB Mint Workbench 5866
Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist.
local
low complexity
abb CWE-269
7.8
2022-06-15 CVE-2022-31216 Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist.
local
low complexity
abb
7.8
2022-06-15 CVE-2022-31217 Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist.
local
low complexity
abb
7.8
2022-06-15 CVE-2022-31218 Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist.
local
low complexity
abb
7.8
2022-06-15 CVE-2022-31219 Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist.
local
low complexity
abb
7.8
2022-06-02 CVE-2022-28702 Incorrect Default Permissions vulnerability in ABB E-Design
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine.
local
low complexity
abb CWE-276
5.5
2022-06-02 CVE-2022-29483 Incorrect Default Permissions vulnerability in ABB E-Design
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine.
local
low complexity
abb CWE-276
7.8