219 matches found
CVE-2024-11316
Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51555
Summary: CVE-2024-51555 concerns default credential vulnerabilities in ABB ASPECT and related series. Publicly available default credentials allow access to ABB ASPECT devices due to design that does not require changing defaults (affected: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02;...
CVE-2024-51555 Force Change of Default Credentials
Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02...
CVE-2024-51555 Force Change of Default Credentials
Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02...
CVE-2024-51554 off-by-one-error
Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51554 off-by-one-error
Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51550 Data Validation / Sanitization
Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51550
CVE-2024-51550 affects ABB ASPECT, NEXUS Series, and MATRIX Series (firmware up to 3.08.02). The vulnerability arises from Data Validation / Data Sanitization issues in Linux, allowing unvalidated data injection into an Aspect device. Connected sources document a Remote Code Execution path: an au...
CVE-2024-51550 Data Validation / Sanitization
Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51549 Absolute Path Traversal
Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51549
CVE-2024-51549 concerns an Absolute File Traversal in ABB ASPECT, NEXUS Series, and MATRIX Series (up to version 3.08.02). Connected sources describe an issue where directory path name handling allowed access to unintended resources, with potential for unauthorized file access and modification. A...
CVE-2024-51549 Absolute Path Traversal
Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51548 Dangerous File Upload
Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51548 Dangerous File Upload
Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51548
CVE-2024-51548 is an active vulnerability affecting ABB ASPECT – Enterprise v3.08.02, NEXUS Series v3.08.02, and MATRIX Series v3.08.02, caused by dangerous file upload that can allow uploading of malicious scripts. Multiple connected sources confirm the issue and list affected products and versi...
CVE-2024-51546 Credentails Disclosure
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51546 Credentails Disclosure
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51546
CVE-2024-51546 affects ABB ASPECT Enterprise v3.08.02, NEXUS Series v3.08.02 and MATRIX Series v3.08.02, with credentials disclosure enabling access to on-board project backup bundles. Connected sources (including Exploit DB, Red Hat/US-CISA advisories and NC SC) describe this as a cookie/credent...
CVE-2024-51545 Username Enumeration
Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...
CVE-2024-51545 Username Enumeration
Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...