Search Results (228 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-53187 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 9.8 Critical
Due to an issue in configuration, code that was intended for debugging purposes was included in the market release of the ASPECT FW allowing an attacker to bypass authentication. This vulnerability may allow an attacker to change the system time, access files, and make function calls without prior authentication. This issue affects all versions of ASPECT prior to 3.08.04-s01
CVE-2025-30170 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 5.5 Medium
Exposure of file path, file size or file existence vulnerabilities in ASPECT provide attackers access to file system information if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.
CVE-2024-13947 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 6 Medium
Device commissioning parameters in ASPECT may be modified by an external source if administrative credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
CVE-2021-22291 1 Abb 2 Eibport V3 Knx, Eibport V3 Knx Gsm 2026-04-15 8 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ABB EIBPORT V3 KNX, ABB EIBPORT V3 KNX GSM.This issue affects EIBPORT V3 KNX: before 3.9.2; EIBPORT V3 KNX GSM: before 3.9.2.
CVE-2024-13946 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 6.8 Medium
DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
CVE-2024-13950 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 6.8 Medium
Log injection vulnerabilities in ASPECT provide attacker access to inject malicious browser scripts if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
CVE-2024-0335 1 Abb 3 Symphony Plus S\+ Analyst, Symphony Plus S\+ Engineering, Symphony Plus S\+ Operations 2026-04-15 7.5 High
ABB has internally identified a vulnerability in the ABB VPNI feature of the S+ Control API component which may be used by several Symphony Plus products (e.g., S+ Operations, S+ Engineering and S+ Analyst) This issue affects Symphony Plus S+ Operations: from 3..0;0 through 3.3 SP1 RU4, from 2.1;0 through 2.1 SP2 RU3, from 2.0;0 through 2.0 SP6 TC6; Symphony Plus S+ Engineering: from 2.1 through 2.3 RU3; Symphony Plus S+ Analyst: from 7.0.0.0 through 7.2.0.2.
CVE-2024-51552 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 6 Medium
Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
CVE-2024-13949 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 6.8 Medium
Large content vulnerabilities are present in ASPECT exposing a device to disk overutilization on a system if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
CVE-2024-13956 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 6.7 Medium
SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
CVE-2024-13931 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 7.2 High
Relative Path Traversal vulnerabilities in ASPECT allow access to file resources if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.
CVE-2025-10205 1 Abb 1 Flxeon 2026-04-15 8.8 High
Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions
CVE-2025-7677 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 5.9 Medium
A denial-of-service (DoS) attack is possible if access to the local network is provided to unauthorized users. This is due to a buffer copy issue that may lead to a software crash. This issue affects all versions of ASPECT.
CVE-2025-10571 1 Abb 1 Ability Edgenius 2026-04-15 9.6 Critical
Authentication Bypass Using an Alternate Path or Channel vulnerability in ABB ABB Ability Edgenius.This issue affects ABB Ability Edgenius: 3.2.0.0, 3.2.1.1.
CVE-2024-6157 1 Abb 1 Robotware 2026-04-15 5.1 Medium
An attacker who successfully exploited these vulnerabilities could cause the robot to stop. A vulnerability exists in the PROFINET stack included in the RobotWare versions listed below.  This vulnerability arises under specific condition when specially crafted message is processed by the system. Below are reported vulnerabilities in the Robot Ware versions. * IRC5- RobotWare 6 < 6.15.06 except 6.10.10, and 6.13.07
CVE-2024-13948 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 7.3 High
Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of configuration informationThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
CVE-2025-10207 1 Abb 1 Flxeon 2026-04-15 7.2 High
Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5.
CVE-2025-7679 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 8.1 High
The ASPECT system allows users to bypass authentication. This issue affects all versions of ASPECT
CVE-2025-2410 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 9.1 Critical
Port manipulation vulnerabilities in ASPECT provide attackers with the ability to con-trol TCP/IP port access if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.
CVE-2025-12142 1 Abb 1 Terra Ac Wallbox Jp 2026-04-15 6.1 Medium
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33.