Abb Aspect-enterprise

58 CVEs affecting Abb Aspect-enterprise. Latest disclosed: 2025-05-23. Critical: 21, High: 21.

Top CVEs affecting Abb Aspect-enterprise
CVESeverityScorePublishedSummary
CVE-2024-51555Critical10.02024-12-05Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the install…
CVE-2024-51551Critical10.02024-12-05Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.  Affected products: ABB ASPE…
CVE-2024-51550Critical10.02024-12-05Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device.  Affected products: …
CVE-2024-51549Critical10.02024-12-05Absolute File Traversal vulnerabilities allows access and modification of un-intended resources.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXU…
CVE-2024-51545Critical10.02024-12-05Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions.  Affected products: ABB ASPECT - Ente…
CVE-2024-48840Critical10.02024-12-05Unauthorized Access vulnerabilities allow Remote Code Execution.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series…
CVE-2024-48839Critical10.02024-12-05Improper Input Validation vulnerability allows Remote Code Execution.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX S…
CVE-2024-11317Critical10.02024-12-05Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product.  …
CVE-2024-6209Critical10.02024-07-05Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to access file…
CVE-2024-6298Critical10.02024-07-05Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to execute arb…
CVE-2024-51548Critical9.92024-12-05Dangerous File Upload vulnerabilities allow upload of malicious scripts.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRI…
CVE-2024-6784Critical9.92024-12-05Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure.  Affec…
CVE-2024-51547Critical9.82025-02-06Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.*; NE…
CVE-2024-6515Critical9.62024-12-05Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails e…
CVE-2024-48845Critical9.42024-12-05Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/appli…
CVE-2025-2409Critical9.12025-05-22File corruption vulnerabilities in ASPECT provide attackers access to overwrite sys-tem files if session administrator credentials become compromised This issu…
CVE-2025-2410Critical9.12025-05-22Port manipulation vulnerabilities in ASPECT provide attackers with the ability to con-trol TCP/IP port access if session administrator credentials become compr…
CVE-2024-51554Critical9.12024-12-05Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.  Affected products: ABB ASPE…
CVE-2025-30171Critical9.02025-05-22System File Deletion vulnerabilities in ASPECT provide attackers access to delete system files if session administrator credentials become compromised. This is…
CVE-2024-48853Critical9.02025-05-22An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as a "non" root ASPECT user. This issue aff…