Vulnerabilities > ABB > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-24 | CVE-2022-34838 | Insufficiently Protected Credentials vulnerability in ABB Zenon Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. | 8.4 |
| 2022-06-15 | CVE-2022-26057 | Improper Privilege Management vulnerability in ABB Mint Workbench 5866 Vulnerabilities in the Mint WorkBench allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31216 | Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31217 | Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31218 | Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-15 | CVE-2022-31219 | Unspecified vulnerability in ABB Automation Builder, Drive Composer and Mint Workbench Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. | 7.8 |
| 2022-06-02 | CVE-2022-29483 | Incorrect Default Permissions vulnerability in ABB E-Design Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine. | 7.8 |
| 2022-05-02 | CVE-2022-28613 | Improper Validation of Specified Quantity in Input vulnerability in multiple products A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. | 7.5 |
| 2022-04-01 | CVE-2021-22277 | Improper Input Validation vulnerability in ABB products Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite - Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service. | 7.5 |
| 2022-02-04 | CVE-2021-22284 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB OPC Server for AC 800M Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server. | 8.8 |