Busch-Jaeger Security Vulnerabilities
FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to take control via access to local KNX...
9.6CVSS
6.7AI Score
0.0004EPSS
Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX...
9.2CVSS
6.6AI Score
0.0004EPSS
The vulnerability origins in the commissioning process where an attacker of the ControlTouch can enter a serial number in a specific way to transfer the device virtually into her/his my.busch-jaeger.de or mybuildings.abb.com profile. A successful attacker can observe and control a ControlTouch...
9.4CVSS
8.6AI Score
0.001EPSS
The vulnerability allows a successful attacker to bypass the integrity check of FW uploaded to the free@home System Access...
6.1CVSS
5.4AI Score
0.001EPSS
Improper implementation of Access Control in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows an unauthorized user to access data marked as restricted, such as viewing or editing user profiles and application...
9.1CVSS
9AI Score
0.002EPSS
The Configuration pages in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway for user profiles and services transfer the password in plaintext (although hidden when...
6.2CVSS
5.6AI Score
0.0004EPSS
The backup function in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway saves the current settings and configuration of the application, including credentials of existing user accounts and other configuration's credentials in...
6.2CVSS
5.5AI Score
0.0004EPSS
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows access to different endpoints of the application without authenticating by accessing a specific uniform resource locator (URL) , violating the access-control (ACL) rules. This issue allows obtaining...
9.8CVSS
9AI Score
0.003EPSS