CISA Releases Four Industrial Control Systems Advisories
CISA released four Industrial Control Systems (ICS) advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-310-01 Advantech DeviceOn iEdge; ICSA-25-310-02 Ubia Ubox; ICSA-25-310-03 ABB FLXeon Controllers...
ABB FLXeon Controllers
RISK EVALUATION: Successful exploitation of these vulnerabilities could allow an attacker to take remote control of the product, insert and run arbitrary code, and crash the device being accessed. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to minimize the risk of...
CVE-2024-48842
Use of Hard-coded Credentials vulnerability in ABB FLXEON. This issue affects FLXEON: through 9.3.5 and newer versions...
CVE-2025-10205
Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON. This issue affects FLXEON: through 9.3.5 and newer versions...
CVE-2024-48851
CVE-2024-48851 affects ABB FLXEON controllers (through version 9.3.5). The issue arises from improper input validation in the FLXEON.A component, enabling remote code execution. Connected sources (ICS advisory from CISA, vendor/Red Hat/CNNVD entries) confirm remote code execution as the impact. N...
CVE-2025-10205 Predictable Salt and Weak Hashing Algorithm
Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON. This issue affects FLXEON: through 9.3.5 and newer versions...
CVE-2024-48842 Hardcoded passwords
Use of Hard-coded Credentials vulnerability in ABB FLXEON. This issue affects FLXEON: through 9.3.5 and newer versions...
PT-2025-38219
Name of the Vulnerable Software and Affected Versions: ABB FLXEON versions through 9.3.5 and newer versions Description: The software uses a one-way hash with a predictable salt. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerabili...
ABB Cylon FLXeon 9.3.5 siteGuide.js Authenticated Root Remote Code Execution
The ABB Cylon FLXeon BACnet controller is vulnerable to authenticated remote root code execution via the /api/siteGuide endpoint. An attacker with valid credentials can inject arbitrary system commands by manipulating the filename and/or originalname parameters. The issue arises due to improper...
ABB FLXeon Log Message Disclosure Vulnerability
The ABB FLXeon is a series of controllers from ABB Switzerland. ABB FLXeon version 9.3.4 and prior versions suffer from a log information disclosure vulnerability that stems from the application's inadequate protection of sensitive information and can be exploited by an attacker to obtain sensiti...
ABB FLXeon Security Bypass Vulnerability
The ABB FLXeon is a series of controllers from ABB Switzerland. ABB FLXeon suffers from a security bypass vulnerability that stems from insufficient session management to prevent unauthorized HTTPS requests. No vulnerability details are provided at this time...
ABB FLXeon Security Vulnerability
ABB FLXeon is a series of controllers from ABB Switzerland. A security vulnerability exists in ABB FLXeon version 9.3.4 and prior versions that allows an attacker to execute arbitrary code and elevate privileges via network access...