ReportizFlow
Filtered by vendor Abb
Subscriptions
Total
227 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-9639 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2026-04-15 | 8 High |
| Remote Code Execution vulnerabilities are present in ASPECT if session administra-tor credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. | ||||
| CVE-2024-6157 | 1 Abb | 1 Robotware | 2026-04-15 | 5.1 Medium |
| An attacker who successfully exploited these vulnerabilities could cause the robot to stop. A vulnerability exists in the PROFINET stack included in the RobotWare versions listed below. This vulnerability arises under specific condition when specially crafted message is processed by the system. Below are reported vulnerabilities in the Robot Ware versions. * IRC5- RobotWare 6 < 6.15.06 except 6.10.10, and 6.13.07 | ||||
| CVE-2024-13946 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2026-04-15 | 6.8 Medium |
| DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | ||||
| CVE-2025-10207 | 1 Abb | 1 Flxeon | 2026-04-15 | 7.2 High |
| Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. | ||||
| CVE-2025-2410 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2026-04-15 | 9.1 Critical |
| Port manipulation vulnerabilities in ASPECT provide attackers with the ability to con-trol TCP/IP port access if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. | ||||
| CVE-2024-13928 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2026-04-15 | 7.2 High |
| SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. | ||||
| CVE-2025-13777 | 1 Abb | 2 Awin Gw100 Rev.2, Awin Gw120 | 2026-03-23 | 8.3 High |
| Authentication bypass by capture-replay vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1. | ||||
| CVE-2025-13778 | 1 Abb | 2 Awin Gw100 Rev.2, Awin Gw120 | 2026-03-23 | 6.5 Medium |
| Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1. | ||||
| CVE-2025-13779 | 1 Abb | 2 Awin Gw100 Rev.2, Awin Gw120 | 2026-03-23 | 8.3 High |
| Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1. | ||||
| CVE-2024-3036 | 1 Abb | 1 800xa Base System | 2025-12-19 | 5.7 Medium |
| Improper Input Validation vulnerability in ABB 800xA Base. An attacker who successfully exploited this vulnerability could cause services to crash by sending specifically crafted messages. This issue affects 800xA Base: from 6.0.0 through 6.1.1-2. | ||||
| CVE-2024-4007 | 1 Abb | 26 Aspect-ent-12, Aspect-ent-12 Firmware, Aspect-ent-2 and 23 more | 2025-12-19 | 8.8 High |
| Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured. | ||||
| CVE-2020-11639 | 1 Abb | 1 Advabuild | 2025-12-19 | 7.8 High |
| An attacker could exploit the vulnerability by injecting garbage data or specially crafted data. Depending on the data injected each process might be affected differently. The process could crash or cause communication issues on the affected node, effectively causing a denial-of-service attack. The attacker could tamper with the data transmitted, causing the product to store wrong information or act on wrong data or display wrong information. This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2. For an attack to be successful, the attacker must have local access to a node in the system and be able to start a specially crafted application that disrupts the communication. An attacker who successfully exploited the vulnerability would be able to manipulate the data in such way as allowing reads and writes to the controllers or cause Windows processes in 800xA for MOD 300 and AdvaBuild to crash. | ||||
| CVE-2020-11640 | 1 Abb | 1 Advabuild | 2025-12-19 | 8.8 High |
| AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the command queue can use it to launch an attack by running any executable on the AdvaBuild node. The executables that can be run are not limited to AdvaBuild specific executables. Improper Privilege Management vulnerability in ABB Advant MOD 300 AdvaBuild.This issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2. | ||||
| CVE-2024-1914 | 1 Abb | 7 Irc5, Omnicore C30, Omnicore C90xt and 4 more | 2025-12-19 | 6.5 Medium |
| An attacker who successfully exploited these vulnerabilities could cause the robot to stop, make the robot controller inaccessible. The vulnerability could potentially be exploited to perform unauthorized actions by an attacker. This vulnerability arises under specific condition when specially crafted message is processed by the system. Below are reported vulnerabilities in the Robot Ware versions. * IRC5- RobotWare 6 < 6.15.06 except 6.10.10, and 6.13.07 * OmniCore- RobotWare 7 < 7.14 | ||||
| CVE-2024-1913 | 1 Abb | 7 Irc5, Omnicore C30, Omnicore C90xt and 4 more | 2025-12-19 | 7.6 High |
| An attacker who successfully exploited these vulnerabilities could cause the robot to stop, make the robot controller inaccessible, or execute arbitrary code. The vulnerability could potentially be exploited to perform unauthorized actions by an attacker. This vulnerability arises under specific condition when specially crafted message is processed by the system. Below are reported vulnerabilities in the Robot Ware versions. * IRC5- RobotWare 6 < 6.15.06 except 6.10.10, and 6.13.07 * OmniCore- RobotWare 7 < 7.14 | ||||
| CVE-2024-4008 | 1 Abb | 10 2tma310010b0001, 2tma310010b0001 Firmware, 2tma310010b0003 and 7 more | 2025-09-17 | 9.6 Critical |
| FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to take control via access to local KNX Bus-System | ||||
| CVE-2025-53191 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2025-08-21 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-53190 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2025-08-21 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-53189 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2025-08-21 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-53188 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2025-08-21 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||