Vulnerabilities > ABB
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-12 | CVE-2022-3573 | Cross-site Scripting vulnerability in multiple products An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. | 5.4 |
| 2022-08-24 | CVE-2022-34836 | Path Traversal vulnerability in ABB Zenon Relative Path Traversal vulnerability in ABB Zenon 8.20 allows the user to access files on the Zenon system and user also can add own log messages and e.g., flood the log entries. | 8.2 |
| 2022-08-24 | CVE-2022-34837 | Insufficiently Protected Credentials vulnerability in ABB Zenon Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various activities of the Zenon. | 6.1 |
| 2022-08-24 | CVE-2022-34838 | Insufficiently Protected Credentials vulnerability in ABB Zenon Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. | 8.4 |
| 2022-07-21 | CVE-2022-0902 | Path Traversal vulnerability in ABB products Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in flow computer and remote controller products of ABB ( RMC-100 (Standard), RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC) allows an attacker who successfully exploited this vulnerability could insert and run arbitrary code in an affected system node. | 9.8 |
| 2022-06-21 | CVE-2022-1596 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB products Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node. | 6.5 |
| 2022-06-15 | CVE-2022-26057 | Improper Privilege Management vulnerability in ABB Mint Workbench 5866 Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31216 | Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31217 | Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31218 | Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |