CVE-2025-3756 Denial of Service Vulnerabilities in System 800xA, Symphony® Plus IEC 61850

A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this CVE. An attacker with access to IEC 61850 networks could exploit the vulnera bility by using a specially crafted 61850 packet, forcing the communication...

CVE-2025-3756

The vulnerability CVE-2025-3756 affects the IEC 61850 command handling in System 800xA products, specifically the PM 877, CI850, and CI868 modules, and impacts S+ Operations connectivity. A specially crafted IEC 61850 packet can force the affected interfaces into fault mode or render the S+ Opera...

ABB多款产品 安全漏洞

The ABB AC800M is a product of the Swiss company ABB. The ABB AC800M is a modular process controller designed for industrial automation systems. The ABB Symphony Plus SD Series consists of a series of control and I/O devices intended for industrial process control and distributed control systems...

EUVD-2020-17390

Malware in sbrugna...

EUVD-2020-29347

Malware in sbrugna...

EUVD-2023-12313

Malicious code in bioql PyPI...

EUVD-2024-16131

Malicious code in bioql PyPI...

CVE-2024-0335

ABB has internally identified a vulnerability in the ABB VPNI feature of the S+ Control API component which may be used by several Symphony Plus products e.g., S+ Operations, S+ Engineering and S+ Analyst This issue affects Symphony Plus S+ Operations: from 3..0;0 through 3.3 SP1 RU4, from 2.1;0...

CVE-2024-0335

CVE-2024-0335 concerns ABB Symphony Plus S+ products (Operations, Engineering, Analyst) with a vulnerability in the ABB VPNI feature of the S+ Control API. The issue stems from errors in processing relative paths within VPNI, which can enable denial of service. Affected versions include S+ Operat...

CVE-2024-0335 Malformed Packet Handling

ABB has internally identified a vulnerability in the ABB VPNI feature of the S+ Control API component which may be used by several Symphony Plus products e.g., S+ Operations, S+ Engineering and S+ Analyst This issue affects Symphony Plus S+ Operations: from 3..0;0 through 3.3 SP1 RU4, from 2.1;0...

CVE-2024-0335 Malformed Packet Handling

ABB has internally identified a vulnerability in the ABB VPNI feature of the S+ Control API component which may be used by several Symphony Plus products e.g., S+ Operations, S+ Engineering and S+ Analyst This issue affects Symphony Plus S+ Operations: from 3..0;0 through 3.3 SP1 RU4, from 2.1;0...

PT-2024-8940 · Abb · S+ Control Api +3

Name of the Vulnerable Software and Affected Versions: Symphony Plus S+ Operations versions 2.0;0 through 2.0 SP6 TC6 Symphony Plus S+ Operations versions 2.1;0 through 2.1 SP2 RU3 Symphony Plus S+ Operations versions 3.0;0 through 3.3 SP1 RU4 Symphony Plus S+ Engineering versions 2.1 through 2.3...

ABB SPIET800 and PNI800 Improper Handling of Unexpected Data Type (CVE-2021-22286)

Improper Input Validation vulnerability in the ABB SPIET800 and PNI800 module allows an attacker to cause the denial of service or make the module unresponsive. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 809...

ABB SPIET800 and PNI800 Incomplete Internal State Distinction (CVE-2021-22285)

Improper Handling of Exceptional Conditions, Improper Check for Unusual or Exceptional Conditions vulnerability in the ABB SPIET800 and PNI800 module that allows an attacker to cause the denial of service or make the module unresponsive. This plugin only works with Tenable.ot. Please visit...

ABB Ability Symphony Plus

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: ABB Equipment: Ability Symphony Plus Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized client to connect to the S+ Operations servers human...

ABB Central Licensing System Permissions, Privileges, and Access Controls (CVE-2020-8476)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

ABB Central Licensing System Improper Restriction of XML External Entity Reference (CVE-2020-8479)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

ABB Central Licensing System Uncontrolled Resource Consumption (CVE-2020-8475)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

ABB Central Licensing System Exposure of Sensitive Information to an Unauthorized Actor (CVE-2020-8481)

For ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...

ABB Central Licensing System Improper Access Control (CVE-2020-8471)

For the Central Licensing Server component used in ABB products ABB Ability System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...