Vulnerabilities > ABB
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-01 | CVE-2021-22277 | Improper Input Validation vulnerability in ABB products Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service. | 7.8 |
| 2022-02-04 | CVE-2021-22284 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB OPC Server for AC 800M Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server. | 6.5 |
| 2022-02-04 | CVE-2021-22285 | Improper Handling of Exceptional Conditions vulnerability in ABB Pni800 Firmware and Spiet800 Firmware Improper Handling of Exceptional Conditions, Improper Check for Unusual or Exceptional Conditions vulnerability in the ABB SPIET800 and PNI800 module that allows an attacker to cause the denial of service or make the module unresponsive. | 7.5 |
| 2022-02-04 | CVE-2021-22286 | Improper Input Validation vulnerability in ABB Pni800 Firmware and Spiet800 Firmware Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive. | 5.0 |
| 2022-02-04 | CVE-2021-22288 | Improper Input Validation vulnerability in ABB Pni800 Firmware and Spiet800 Firmware Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive. | 5.0 |
| 2021-12-13 | CVE-2021-22279 | Missing Authentication for Critical Function vulnerability in ABB Omnicore C30 Firmware A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has access to the Connected Services Gateway Ethernet port. | 9.3 |
| 2021-10-28 | CVE-2021-22278 | Improper Certificate Validation vulnerability in ABB Update Manager A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed. | 6.7 |
| 2021-09-27 | CVE-2021-22272 | The vulnerability origins in the commissioning process where an attacker of the ControlTouch can enter a serial number in a specific way to transfer the device virtually into her/his my.busch-jaeger.de or mybuildings.abb.com profile. | 9.0 |
| 2021-09-23 | CVE-2021-22276 | Improper Validation of Integrity Check Value vulnerability in ABB products The vulnerability allows a successful attacker to bypass the integrity check of FW uploaded to the free@home System Access Point. | 4.3 |
| 2021-09-08 | CVE-2020-24672 | Improper Input Validation vulnerability in ABB Base Software A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary code in a computer running the affected product. | 6.8 |