Vulnerabilities > ABB > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-02 | CVE-2022-29483 | Incorrect Default Permissions vulnerability in ABB E-Design Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine. | 7.8 |
| 2022-05-02 | CVE-2022-28613 | Improper Validation of Specified Quantity in Input vulnerability in multiple products A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. | 7.5 |
| 2022-04-01 | CVE-2021-22277 | Improper Input Validation vulnerability in ABB products Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service. | 7.5 |
| 2022-02-04 | CVE-2021-22284 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB OPC Server for AC 800M Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server. | 8.8 |
| 2022-02-04 | CVE-2021-22285 | Improper Handling of Exceptional Conditions vulnerability in ABB Pni800 Firmware and Spiet800 Firmware Improper Handling of Exceptional Conditions, Improper Check for Unusual or Exceptional Conditions vulnerability in the ABB SPIET800 and PNI800 module that allows an attacker to cause the denial of service or make the module unresponsive. | 7.5 |
| 2022-02-04 | CVE-2021-22286 | Improper Input Validation vulnerability in ABB Pni800 Firmware and Spiet800 Firmware Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive. | 7.5 |
| 2022-02-04 | CVE-2021-22288 | Improper Input Validation vulnerability in ABB Pni800 Firmware and Spiet800 Firmware Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive. | 7.5 |
| 2021-02-26 | CVE-2020-24686 | Resource Exhaustion vulnerability in ABB products The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond, leading to genuine users losing remote visibility of the PLC state. | 7.5 |
| 2021-02-09 | CVE-2020-24685 | Allocation of Resources Without Limits or Throttling vulnerability in ABB Ac500 CPU Firmware An unauthenticated specially crafted packet sent by an attacker over the network will cause a denial-of-service (DoS) vulnerability. | 8.6 |
| 2020-12-22 | CVE-2020-24680 | Insufficiently Protected Credentials vulnerability in ABB Symphony + Historian and Symphony + Operations In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database. | 7.0 |