What is CVE-2025-2409?

CVE-2025-2409 is a critical-severity vulnerability in Abb Aspect-enterprise, classified under External Control of File Name or Path. CVSS score: 9.1/10. Published 2025-05-22.

How severe is CVE-2025-2409?

Critical severity. CVSS v3 base score is 9.1 out of 10.

Vulnerability in Abb Aspect-enterprise

CVE-2025-2409

File corruption vulnerabilities in ASPECT provide attackers access to overwrite sys-tem files if session administrator credentials become compromised This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MAT…

EPSS: 0.004 (59.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H.

Affected products

Abb Aspect-enterprise — versions 0
Abb Matrix Series — versions 0
Abb Nexus Series — versions 0

Weakness classification (CWE)

CWE-73 — External Control of File Name or Path

References

search.abb.com/library/Download.aspx

Frequently asked questions

What is CVE-2025-2409?: CVE-2025-2409 is a critical-severity vulnerability in Abb Aspect-enterprise, classified under External Control of File Name or Path. CVSS score: 9.1/10. Published 2025-05-22.
How severe is CVE-2025-2409?: Critical severity. CVSS v3 base score is 9.1 out of 10.