6 matches found
CVE-2024-4007
creationtimestamp| type| source ---|---|--- 2025-04-04 21:02:06+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3llzctf2hhr23...
ABB Cylon Aspect 3.07.01 (config.inc.php) Hard-coded Credentials in phpMyAdmin
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller is operating with default and hard-coded...
ABB Cylon Aspect 3.07.01 Hard-Coded Credentials
ABB Cylon Aspect 3.07.01 config.inc.php Hard-coded Credentials in phpMyAdmin Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.01 Summary: ASPECT is an award-winning scalable building energy...
CVE-2024-4007 Hard coded default credential contained in install package
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured...
CVE-2024-4007
ABB ASPECT, NEXUS Series, and MATRIX Series (firmware up to 3.07) contain default/hard-coded credentials installed with the package, enabling login to misconfigured devices. Root cause: credentials embedded in the installer; attack surface includes Internet-adjacent exposure per public advisories...
CVE-2024-4007 Hard coded default credential contained in install package
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured...