Vulnerabilities > ABB > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-17 | CVE-2023-0863 | Improper Authentication vulnerability in ABB products Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5. | 8.8 |
| 2023-03-02 | CVE-2023-0228 | Improper Authentication vulnerability in ABB Symphony Plus S+ Operations 2.1/2.2/3.3 Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2. | 8.8 |
| 2023-02-24 | CVE-2022-1607 | Cross-Site Request Forgery (CSRF) vulnerability in ABB Infinity DC Power Plant and Ne843 S Cross-Site Request Forgery (CSRF) vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415. | 8.8 |
| 2022-06-15 | CVE-2022-26057 | Improper Privilege Management vulnerability in ABB Mint Workbench 5866 Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.2 |
| 2022-06-15 | CVE-2022-31216 | Link Following vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31217 | Link Following vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31218 | Link Following vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31219 | Link Following vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-07 | CVE-2021-35532 | Unrestricted Upload of File with Dangerous Type vulnerability in ABB Txpert HUB Coretec 4 Firmware A vulnerability exists in the file upload validation part of Hitachi Energy TXpert Hub CoreTec 4 product. | 7.2 |
| 2022-06-02 | CVE-2022-29483 | Incorrect Default Permissions vulnerability in ABB E-Design Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine. | 7.2 |