CVE-2025-2409 Admin Authorized System File corruption

File corruption vulnerabilities in ASPECT provide attackers access to overwrite sys-tem files if session administrator credentials become compromised This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2025-2409 Admin Authorized System File corruption

File corruption vulnerabilities in ASPECT provide attackers access to overwrite sys-tem files if session administrator credentials become compromised This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2025-2409

The CVE-2025-2409 entry describes a file-corruption vulnerability in ABB ASPECT product line that could let an attacker overwrite system files when session administrator credentials are compromised. Affected products are ASPECT-Enterprise (up to version 3.08.03), NEXUS Series (up to 3.08.03), and...

CVE-2025-2410 Admin Authorized Port (iptables) manipulation (open/close/disable ports)

Port manipulation vulnerabilities in ASPECT provide attackers with the ability to con-trol TCP/IP port access if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2024-9639 Authenticated Remote Code Execution

Remote Code Execution vulnerabilities are present in ASPECT if session administra-tor credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2024-9639 Authenticated Remote Code Execution

Remote Code Execution vulnerabilities are present in ASPECT if session administra-tor credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2024-9639

CVE-2024-9639 describes Remote Code Execution in ABB ASPECT line when session administrator credentials are compromised. Affected products include ASPECT-Enterprise, NEXUS Series, and MATRIX Series, up to version 3.08.03. The underlying issue is tied to authentication/context boundary weaknesses ...

CVE-2024-48850

Absolute File Traversal vulnerabilities in ASPECT allows access and modification of unintended resources. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2024-48853

An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as a "non" root ASPECT user. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2024-48850 Authenticated Absolute Path Traversal

Absolute File Traversal vulnerabilities in ASPECT allows access and modification of unintended resources. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2024-48850 Authenticated Absolute Path Traversal

Absolute File Traversal vulnerabilities in ASPECT allows access and modification of unintended resources. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2024-48853 Authenticated Escalation to guest to root

An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as a "non" root ASPECT user. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2024-48853

CVE-2024-48853 describes an escalation-of-privilege in ABB ASPECT product line (ASPECT-Enterprise, NEXUS Series, MATRIX Series) up to version 3.08.03. The issue allows an attacker logged in as a non-root ASPECT user to achieve root access on a server. Public sources in the connected documents con...

CVE-2024-48853 Authenticated Escalation to guest to root

An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as a "non" root ASPECT user. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03...

CVE-2020-36432

An issue was discovered in the algds crate through 2020-08-25 for Rust. There is a drop of uninitialized memory in Matrix::new...

CVE-2019-19373

An issue was discovered in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can trigger arbitrary unserialization of a PHP object from a packages/cms/pagetemplates/pageremotecontent/pageremotecontent.inc POST paramete...

CVE-2019-19374

An issue was discovered in core/assets/form/formquestiontypes/formquestiontypefileupload/formquestiontypefileupload.inc in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5.5.1 prior to 5.5.1.8, 5.5.2 prior to 5.5.2.4, and 5.5.3 prior to 5.5.3.3 where a user can delete arbitrary files from the server...

CVE-2017-1000415

MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration beginning year extended delayed by 100 years...

PT-2025-22504 · Unknown · Nexus Series +2

Name of the Vulnerable Software and Affected Versions: ASPECT-Enterprise versions through 3.08.03 NEXUS Series versions through 3.08.03 MATRIX Series versions through 3.08.03 Description: The issue allows access and modification of unintended resources due to Absolute File Traversal vulnerabiliti...

PT-2025-22540 · Unknown · Nexus Series +2

Name of the Vulnerable Software and Affected Versions: ASPECT-Enterprise versions through 3. NEXUS Series versions through 3. MATRIX Series versions through 3. Description: Sensitive device logger information in ASPECT may be exposed if administrator credentials become compromised. Recommendation...