ABB CVE 脆弱性と CVE 一覧（161）

製品（CPE）: — CVE 件数: 161

ABB 脆弱性概要

ABB 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

過去の問題は主にバッファオーバーフロー and vendor risk cross-site scripting などに関し、一部はアプリケーションクラッシュを招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移（直近24か月）

CVE	概要	ソース	CVSS 最大値	EPSS（%）	公開	更新
CVE-2025-14774	Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.	[email protected]	7.2	0.03%	2026-06-03	2026-06-04
CVE-2025-14773	Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.	[email protected]	7.2	0.04%	2026-06-03	2026-06-04
CVE-2025-14772	Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.	[email protected]	7.3	0.04%	2026-06-03	2026-06-04
CVE-2025-14771	Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.	[email protected]	7.3	0.04%	2026-06-03	2026-06-04
CVE-2025-3395	Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0.	[email protected]	8.4	0.01%	2025-04-30	2025-05-28
CVE-2025-3394	Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0.	[email protected]	8.5	0.07%	2025-04-30	2025-05-28
CVE-2024-51547	Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3.*.	[email protected]	9.3	0.14%	2025-02-06	2025-05-23
CVE-2024-6784	Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	8.7	0.36%	2024-12-05	2025-04-10
CVE-2024-6516	Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	9.3	3.55%	2024-12-05	2025-02-27
CVE-2024-6515	Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	8.7	0.20%	2024-12-05	2025-02-27
CVE-2024-51554	Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	8.8	0.28%	2024-12-05	2025-02-27
CVE-2024-51551	Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02	[email protected]	9.3	0.42%	2024-12-05	2025-02-27
CVE-2024-51550	Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	9.3	4.75%	2024-12-05	2025-02-27
CVE-2024-51549	Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	9.3	0.30%	2024-12-05	2025-02-27
CVE-2024-51548	Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	8.7	0.38%	2024-12-05	2025-02-27
CVE-2024-51546	Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	8.7	17.07%	2024-12-05	2025-04-10
CVE-2024-51545	Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	9.3	0.42%	2024-12-05	2025-02-27
CVE-2024-51544	Service Control vulnerabilities allow access to service restart requests and vm configuration settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	8.8	4.73%	2024-12-05	2025-04-10
CVE-2024-51543	Information Disclosure vulnerabilities allow access to application configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	8.8	0.29%	2024-12-05	2025-02-27
CVE-2024-51542	Configuration Download vulnerabilities allow access to dependency configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02	[email protected]	8.8	0.30%	2024-12-05	2025-04-10

cvelogic Threat Intelligence