Vulnerabilities > ABB > High

DATE CVE VULNERABILITY TITLE RISK
2024-12-05 CVE-2024-48843 SQL Injection vulnerability in ABB products
Denial of Service vulnerabilities where found providing a potiential for device service disruptions.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb CWE-89
7.5
2024-12-05 CVE-2024-48846 Unspecified vulnerability in ABB products
Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
7.3
2024-12-05 CVE-2024-51541 Unspecified vulnerability in ABB products
Local File Inclusion vulnerabilities allow access to sensitive system information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
7.5
2024-12-05 CVE-2024-51543 Unspecified vulnerability in ABB products
Information Disclosure vulnerabilities allow access to application configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
7.5
2024-12-05 CVE-2024-51548 Unspecified vulnerability in ABB products
Dangerous File Upload vulnerabilities allow upload of malicious scripts.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
8.8
2024-12-05 CVE-2024-6515 Unspecified vulnerability in ABB products
Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
8.1
2024-07-15 CVE-2024-5402 Unspecified vulnerability in ABB Mint Workbench 5866/5868
Unquoted Search Path or Element vulnerability in ABB Mint Workbench. A local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service. This issue affects Mint Workbench I versions: from 5866 before 5868.
local
low complexity
abb
7.8
2024-07-05 CVE-2024-6209 Unspecified vulnerability in ABB products
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to access files unauthorized
network
low complexity
abb
7.5
2024-06-05 CVE-2024-4008 Unspecified vulnerability in ABB products
FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to take control via access to local KNX Bus-System
low complexity
abb
8.8
2024-06-05 CVE-2024-4009 Authentication Bypass by Capture-replay vulnerability in ABB products
Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System
local
low complexity
abb CWE-294
7.8