Vulnerabilities > ABB > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-04 CVE-2021-22285 Improper Handling of Exceptional Conditions vulnerability in ABB Pni800 Firmware and Spiet800 Firmware
Improper Handling of Exceptional Conditions, Improper Check for Unusual or Exceptional Conditions vulnerability in the ABB SPIET800 and PNI800 module that allows an attacker to cause the denial of service or make the module unresponsive.
network
low complexity
abb CWE-755
7.5
2022-02-04 CVE-2021-22286 Improper Input Validation vulnerability in ABB Pni800 Firmware and Spiet800 Firmware
Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive.
network
low complexity
abb CWE-20
7.5
2022-02-04 CVE-2021-22288 Improper Input Validation vulnerability in ABB Pni800 Firmware and Spiet800 Firmware
Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive.
network
low complexity
abb CWE-20
7.5
2021-02-26 CVE-2020-24686 Resource Exhaustion vulnerability in ABB products
The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond, leading to genuine users losing remote visibility of the PLC state.
network
low complexity
abb CWE-400
7.5
2021-02-09 CVE-2020-24685 Allocation of Resources Without Limits or Throttling vulnerability in ABB Ac500 CPU Firmware
An unauthenticated specially crafted packet sent by an attacker over the network will cause a denial-of-service (DoS) vulnerability.
network
low complexity
abb CWE-770
8.6
2020-12-22 CVE-2020-24680 Insufficiently Protected Credentials vulnerability in ABB Symphony + Historian and Symphony + Operations
In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.
local
high complexity
abb CWE-522
7.0
2020-12-22 CVE-2020-24678 Unspecified vulnerability in ABB Symphony + Historian and Symphony + Operations
An authenticated user might execute malicious code under the user context and take control of the system.
network
low complexity
abb
8.8
2020-12-22 CVE-2020-24677 Improper Check for Unusual or Exceptional Conditions vulnerability in ABB Symphony + Historian and Symphony + Operations
Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data.
network
low complexity
abb CWE-754
8.8
2020-12-22 CVE-2020-24676 Unspecified vulnerability in ABB Symphony + Historian and Symphony + Operations
In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks.
local
low complexity
abb
7.8
2020-12-22 CVE-2020-24674 Incorrect Authorization vulnerability in ABB Symphony + Historian and Symphony + Operations
In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected.
network
low complexity
abb CWE-863
8.8