Lucene search
K

1993 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:38 a.m.10 views

CVE-2019-18996

Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application’s context...

7.8CVSS6.9AI score0.004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:35 a.m.9 views

CVE-2020-24685

An unauthenticated specially crafted packet sent by an attacker over the network will cause a denial-of-service DoS vulnerability. Vulnerability allows attacker to stop the PLC. After stopping ERR LED flashing red, physical access to the PLC is required in order to restart the application. This...

8.6CVSS6.6AI score0.01608EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:35 a.m.7 views

CVE-2020-24686

The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond, leading to genuine users losing remote visibility of the PLC state. If a user attempts to login to the PLC while this vulnerability is exploited, the PLC will show an error state and...

7.5CVSS7.2AI score0.01416EPSS
Exploits0References1
NVD
NVD
added 2026/01/07 5:15 p.m.4 views

CVE-2025-4675

Improper Check for Unusual or Exceptional Conditions vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K...

7.1CVSS0.00182EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/07 4:55 p.m.2 views

CVE-2025-4675 Improper implementation of Modbus protocol leading to DOS attack

Improper Check for Unusual or Exceptional Conditions vulnerability in ABB WebPro SNMP Card PowerValue, ABB WebPro SNMP Card PowerValue UL.This issue affects WebPro SNMP Card PowerValue: through 1.1.8.K; WebPro SNMP Card PowerValue UL: through 1.1.8.K...

7.1CVSS6.6AI score0.00182EPSS
Exploits0References1
CVE
CVE
added 2026/01/07 4:55 p.m.9 views

CVE-2025-4675

This CVE (CVE-2025-4675) concerns an improper check for unusual or exceptional conditions in ABB WebPro SNMP Card PowerValue and ABB WebPro SNMP Card PowerValue UL. Affected products: WebPro SNMP Card PowerValue and PowerValue UL, up to version 1.1.8.K. Root cause: improper handling/check of exce...

7.1CVSS6.6AI score0.00182EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:36 a.m.10 views

CVE-2019-7226

The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. Specifically, /cgi/loginDefaultUser creates a session in an authenticated state and returns the session ID along with what may be the...

8.8CVSS7.4AI score0.0526EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:36 a.m.6 views

CVE-2019-7231

The ABB IDAL FTP server is vulnerable to a buffer overflow when a long string is sent by an authenticated attacker. This overflow is handled, but terminates the process. An authenticated attacker can send a FTP command string of 472 bytes or more to overflow a buffer, causing an exception that...

5.7CVSS7.2AI score0.06783EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:35 a.m.8 views

CVE-2019-7227

In the ABB IDAL FTP server, an authenticated attacker can traverse to arbitrary directories on the hard disk with "CWD ../" and then use the FTP server functionality to download and upload files. An unauthenticated attacker can take advantage of the hardcoded or default credential pair exor/exor ...

7.3CVSS7AI score0.08511EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:34 a.m.7 views

CVE-2019-7232

The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and overwrites a Structured Exception Handler SEH address. An unauthenticated attacker can submit a Host header value of 2047 bytes or more to...

8.8CVSS7.8AI score0.52093EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:33 a.m.8 views

CVE-2019-7225

The ABB HMI components implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. These credentials allow the provisioning tool "Panel Builder 600" to flash a new interface and Tags MODBUS coils mapping to the HMI. These credentials are the idal123...

8.8CVSS7.1AI score0.02895EPSS
Exploits1References1
ICS
ICS
added 2026/01/07 12:30 a.m.8 views

ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities

SUMMARY ABB became aware of multiple internally discovered vulnerabilities in the WebPro SNMP card PowerValue for the product versions listed as affected in the advisory. Depending upon the vulnerability, an attacker with access to local network who successfully exploited this vulnerability...

5.9AI score
Exploits0References10
CNNVD
CNNVD
added 2026/01/07 12:0 a.m.4 views

ABB WebPro SNMP Card PowerValue和ABB WebPro SNMP Card PowerValue UL 安全漏洞

ABB WebPro SNMP Card PowerValue and ABB WebPro SNMP Card PowerValue UL are both a remote web management system from ABB Switzerland. A security vulnerability exists in ABB WebPro SNMP Card PowerValue and ABB WebPro SNMP Card PowerValue UL 1.1.8.K and earlier versions, which stems from an incorrec...

8.8CVSS6.8AI score0.00244EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/29 12:4 p.m.7 views

CVE-2025-12143

Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33...

6.9CVSS7.1AI score0.00188EPSS
Exploits0References1
NVD
NVD
added 2025/11/28 12:16 p.m.5 views

CVE-2025-12143

Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33...

6.9CVSS0.00188EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/26 4:56 p.m.4 views

CVE-2025-10571

Authentication Bypass Using an Alternate Path or Channel vulnerability in ABB ABB Ability Edgenius.This issue affects ABB Ability Edgenius: 3.2.0.0, 3.2.1.1...

9.6CVSS7AI score0.00299EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/20 12:0 a.m.4 views

ABB Ability Edgenius 安全漏洞

ABB Ability Edgenius is a cloud management edge platform from ABB Switzerland. A security vulnerability exists in ABB Ability Edgenius versions 3.2.0.0 and 3.2.1.1 that stems from the use of an alternate path or channel to bypass authentication...

9.6CVSS6.7AI score0.00299EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Hitachi ABB AFS Use After Free (CVE-2023-0215)

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This plugin only works wi...

7.5CVSS7.5AI score0.04494EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.1 views

Hitachi ABB AFS Double Free (CVE-2022-4450)

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This plugin only works wi...

7.5CVSS7.7AI score0.20444EPSS
Exploits0References3
CISA
CISA
added 2025/11/06 12:0 p.m.11 views

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-310-01 Advantech DeviceOn iEdge ICSA-25-310-02 Ubia Ubox ICSA-25-310-03 ABB FLXeon Controllers...

6.6AI score
Exploits0References4
Rows per page
Query Builder