abb

234 tracked vulnerabilities.

CVE-2024-13953 MEDIUM
ASPECT-Enterprise <3.* - Info Disclosure
May 22, 2025
CVSS 4.9
EPSS 0.00
CVE-2024-13952 HIGH
ABB ASPECT-Enterprise NEXUS Series and MATRIX Series <= 3.* - Information Exposure via Predictable Filename
May 22, 2025
CVSS 8.4
EPSS 0.00
CVE-2024-13951 HIGH
ABB ASPECT-Enterprise NEXUS Series MATRIX Series <= 3.* - Sensitive Information Exposure via Predictable Hash Salt
May 22, 2025
CVSS 7.6
EPSS 0.00
CVE-2024-13950 MEDIUM
ABB ASPECT-Enterprise NEXUS Series MATRIX Series <= 3.* - Authenticated Stored Cross-Site Scripting via Log Injection
May 22, 2025
CVSS 6.8
EPSS 0.00
CVE-2024-13949 MEDIUM
ABB ASPECT-Enterprise NEXUS Series MATRIX Series <= 3.* - Disk Overutilization via Large Content Injection
May 22, 2025
CVSS 6.8
EPSS 0.00
CVE-2024-13948 HIGH
ASPECT-Enterprise <3.* - Info Disclosure
May 22, 2025
CVSS 7.3
EPSS 0.00
CVE-2024-13947 MEDIUM
ASPECT-Enterprise <3.* - Info Disclosure
May 22, 2025
CVSS 6.0
EPSS 0.00
CVE-2024-13946 MEDIUM
ASPECT-Enterprise <3.* - Binary Planting
May 22, 2025
CVSS 6.8
EPSS 0.01
CVE-2024-9639 HIGH
ABB ASPECT, NEXUS, and MATRIX <= 3.08.03 - Compromised Admin Code Execution
May 22, 2025
CVSS 8.0
EPSS 0.01
CVE-2024-13931 HIGH
ABB ASPECT-Enterprise NEXUS and MATRIX Series <= 3.08.03 - Authenticated Path Traversal
May 22, 2025
CVSS 7.2
EPSS 0.00
CVE-2024-13930 MEDIUM
ABB ASPECT-Enterprise NEXUS and MATRIX Series <= 3.08.03 - Authenticated Denial of Service via Unchecked Loop Condition
May 22, 2025
CVSS 4.9
EPSS 0.00
CVE-2024-13929 HIGH
ABB ASPECT, NEXUS, and MATRIX <= 3.08.03 - Servlet Injection Code Execution
May 22, 2025
CVSS 7.2
EPSS 0.02
CVE-2024-13928 HIGH
ABB ASPECT-Enterprise NEXUS and MATRIX Series <= 3.08.03 - Authenticated SQL Injection
May 22, 2025
CVSS 7.2
EPSS 0.00
CVE-2024-48853 CRITICAL
ASPECT <3.08.03 - Privilege Escalation
May 22, 2025
CVSS 9.0
EPSS 0.00
CVE-2024-48850 HIGH
ABB ASPECT-Enterprise NEXUS Series MATRIX Series <= 3.08.03 - Absolute Path Traversal
May 22, 2025
CVSS 7.2
EPSS 0.00
CVE-2024-9877 MEDIUM
ABB ANC, ANC-L, and ANC-mini <= 1.1.4 - Sensitive Information Exposure via GET Request Query Strings
Apr 30, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-9876 HIGH
ABB ANC, ANC-L, and ANC-mini <= 1.1.4 - Modification of Assumed-Immutable Data
Apr 30, 2025
CVSS 7.3
EPSS 0.00
CVE-2024-47784 LOW
ABB ANC < 1.1.4 - Authenticated Unverified Password Change via Web HMI
Apr 30, 2025
CVSS 2.6
EPSS 0.00
CVE-2024-10334 HIGH
ABB System 800xA 5.1.x 6.0.3.x 6.1.1.x 6.2.x - Video Feed Manipulation via VideONet
Feb 10, 2025
CVSS 7.3
EPSS 0.00
CVE-2024-51547 CRITICAL
ABB ASPECT-Enterprise, NEXUS Series, MATRIX Series < 3.08.03 - Use of Hard-coded Credentials
Feb 06, 2025
CVSS 9.8
EPSS 0.00
CVE-2024-48852 CRITICAL
ABB FLXEON <= 9.3.4 - Sensitive Information Disclosure via Log File Insertion
Jan 29, 2025
CVSS 9.4
EPSS 0.03
CVE-2024-48849 CRITICAL
ABB FLXEON <= 9.3.4 - Missing Origin Validation in WebSockets
Jan 29, 2025
CVSS 9.4
EPSS 0.00
CVE-2024-48841 CRITICAL
FLXEON <9.3.4 - Privilege Escalation
Jan 27, 2025
CVSS 10.0
EPSS 0.08
CVE-2024-12430 HIGH
ABB AC500 V3 < 3.8.0 - Authenticated OS Command Injection via Crafted File
Jan 07, 2025
CVSS 7.0
EPSS 0.00
CVE-2024-12429 MEDIUM
ABB AC500 V3 < 3.8.0 - Authenticated Path Traversal
Jan 07, 2025
CVSS 4.3
EPSS 0.00
Products
ASPECT-Enterprise 32 MATRIX Series 32 NEXUS Series 32 aspect-ent-12_firmware 29 aspect-ent-256_firmware 29 aspect-ent-2_firmware 29 aspect-ent-96_firmware 29 matrix-11_firmware 29 matrix-216_firmware 29 matrix-232_firmware 29 matrix-264_firmware 29 matrix-296_firmware 29 nexus-2128_firmware 29 nexus-264_firmware 29 nexus-3-2128_firmware 29 nexus-3-264_firmware 29 nexus-2128-a_firmware 28 nexus-2128-f_firmware 28 nexus-2128-g_firmware 28 nexus-264-a_firmware 28 nexus-264-f_firmware 28 nexus-264-g_firmware 28 symphony_\+_historian 9 symphony_\+_operations 9 FLXEON 7 zenon 7 automation_builder 6 mint_workbench 6 pb610_panel_builder_600_firmware 6 800xa_system 5
Quick Filters
Critical CVEs With Exploits In CISA KEV