Vulnerabilities > ABB > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-12-05 CVE-2024-48844 Unspecified vulnerability in ABB products
Denial of Service vulnerabilities where found providing a potiential for device service disruptions.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
6.5
2024-12-05 CVE-2024-6516 Unspecified vulnerability in ABB products
Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
network
low complexity
abb
6.1
2023-07-28 CVE-2023-2685 Unspecified vulnerability in ABB Ao-Opc 1.0.0/3.2.1
A vulnerability was found in AO-OPC server versions mentioned above.
local
high complexity
abb
6.3
2023-07-24 CVE-2023-3323 Unspecified vulnerability in ABB Zenon
A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system.
network
low complexity
abb
5.4
2023-06-13 CVE-2023-2876 Incorrect Permission Assignment for Critical Resource vulnerability in ABB products
Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB REX640 PCL2 (Firmware modules), ABB REX640 PCL3 (firmware modules) allows Cross-Site Scripting (XSS).This issue affects REX640 PCL1: from 1.0;0 before 1.0.8; REX640 PCL2: from 1.0;0 before 1.1.4; REX640 PCL3: from 1.0;0 before 1.2.1.
network
low complexity
abb CWE-732
6.1
2023-05-22 CVE-2022-0010 Information Exposure Through Log Files vulnerability in ABB products
Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools. An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account.
local
low complexity
abb CWE-532
5.5
2023-05-17 CVE-2023-0864 Cleartext Transmission of Sensitive Information vulnerability in ABB products
Cleartext Transmission of Sensitive Information vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (CE) (Terra AC MID), ABB Terra AC wallbox (CE) Terra AC Juno CE, ABB Terra AC wallbox (CE) Terra AC PTB, ABB Terra AC wallbox (CE) Symbiosis, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): from 1.0;0 through 1.5.5; Terra AC wallbox (UL32A) : from 1.0;0 through 1.6.5; Terra AC wallbox (CE) (Terra AC MID): from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC Juno CE: from 1.0;0 through 1.6.5; Terra AC wallbox (CE) Terra AC PTB : from 1.0;0 through 1.5.25; Terra AC wallbox (CE) Symbiosis: from 1.0;0 through 1.2.7; Terra AC wallbox (JP): from 1.0;0 through 1.6.5.
low complexity
abb CWE-319
4.3
2023-03-31 CVE-2022-3192 Unspecified vulnerability in ABB Ac500 CPU Firmware
Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation.This issue affects AC500 V2: from 2.0.0 before 2.8.6.
network
low complexity
abb
5.3
2023-03-31 CVE-2023-1258 Unspecified vulnerability in ABB products
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware (web service modules) allows Footprinting.This issue affects Flow-X: before 4.0.
network
low complexity
abb
5.3
2023-03-16 CVE-2022-26080 Use of Insufficiently Random Values vulnerability in ABB products
Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415.
network
low complexity
abb CWE-330
4.3