Vulnerabilities > ABB > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-15 | CVE-2024-5402 | Unquoted Search Path or Element vulnerability in ABB Mint Workbench 5866/5868 Unquoted Search Path or Element vulnerability in ABB Mint Workbench. A local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service. This issue affects Mint Workbench I versions: from 5866 before 5868. | 7.8 |
| 2024-07-05 | CVE-2024-6209 | Files or Directories Accessible to External Parties vulnerability in ABB products Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v <=3.08.01; NEXUS Series v <=3.08.01 ; MATRIX Series v<=3.08.01 allows Attacker to access files unauthorized | 7.5 |
| 2024-06-05 | CVE-2024-4008 | Information Exposure vulnerability in ABB products FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to take control via access to local KNX Bus-System | 8.8 |
| 2024-06-05 | CVE-2024-4009 | Authentication Bypass by Capture-replay vulnerability in ABB products Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System | 7.8 |
| 2023-08-07 | CVE-2023-0425 | Numeric Range Comparison Without Minimum Check vulnerability in ABB products ABB is aware of vulnerabilities in the product versions listed below. | 7.5 |
| 2023-08-07 | CVE-2023-0426 | Stack-based Buffer Overflow vulnerability in ABB products ABB is aware of vulnerabilities in the product versions listed below. | 7.5 |
| 2023-07-24 | CVE-2023-3321 | External Control of System or Configuration Setting vulnerability in ABB Zenon A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. | 8.8 |
| 2023-07-24 | CVE-2023-3322 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB Zenon A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. | 8.1 |
| 2023-07-24 | CVE-2023-3324 | Deserialization of Untrusted Data vulnerability in ABB Zenon A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. | 7.5 |
| 2023-06-28 | CVE-2023-2625 | OS Command Injection vulnerability in ABB Txpert HUB Coretec 4 Firmware A vulnerability exists that can be exploited by an authenticated client that is connected to the same network segment as the CoreTec 4, having any level of access VIEWER to ADMIN. | 8.0 |