ABB CVE Vulnerabilities & CVE List (161)

Products (CPE): — CVEs: 161

ABB vulnerability overview

Aggregates CVE and security vulnerability intelligence across all ABB-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk buffer overflow and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact application crash, affecting vendor surface software deployment scenarios.

Vulnerability distribution trend (last 24 months)

Showing 120 of 161 CVEs
«« First « Prev Page 1 / 9 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2025-14774 Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. [email protected] 7.2 0.03% 2026-06-03 2026-06-04
CVE-2025-14773 Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. [email protected] 7.2 0.04% 2026-06-03 2026-06-04
CVE-2025-14772 Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. [email protected] 7.3 0.04% 2026-06-03 2026-06-04
CVE-2025-14771 Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. [email protected] 7.3 0.05% 2026-06-03 2026-06-04
CVE-2025-3395 Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. [email protected] 8.4 0.01% 2025-04-30 2025-05-28
CVE-2025-3394 Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. [email protected] 8.5 0.07% 2025-04-30 2025-05-28
CVE-2024-51547 Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. [email protected] 9.3 0.14% 2025-02-06 2025-05-23
CVE-2024-6784 Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 8.7 0.36% 2024-12-05 2025-04-10
CVE-2024-6516 Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 9.3 3.55% 2024-12-05 2025-02-27
CVE-2024-6515 Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 8.7 0.20% 2024-12-05 2025-02-27
CVE-2024-51554 Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 8.8 0.28% 2024-12-05 2025-02-27
CVE-2024-51551 Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.  Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02 [email protected] 9.3 0.42% 2024-12-05 2025-02-27
CVE-2024-51550 Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 9.3 4.75% 2024-12-05 2025-02-27
CVE-2024-51549 Absolute File Traversal vulnerabilities allows access and modification of un-intended resources.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 9.3 0.30% 2024-12-05 2025-02-27
CVE-2024-51548 Dangerous File Upload vulnerabilities allow upload of malicious scripts.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 8.7 0.38% 2024-12-05 2025-02-27
CVE-2024-51546 Credentials Disclosure vulnerabilities allow access to on board project back-up bundles.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 8.7 17.07% 2024-12-05 2025-04-10
CVE-2024-51545 Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 9.3 0.42% 2024-12-05 2025-02-27
CVE-2024-51544 Service Control vulnerabilities allow access to service restart requests and vm configuration settings.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 8.8 4.73% 2024-12-05 2025-04-10
CVE-2024-51543 Information Disclosure vulnerabilities allow access to application configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 8.8 0.29% 2024-12-05 2025-02-27
CVE-2024-51542 Configuration Download vulnerabilities allow access to dependency configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 [email protected] 8.8 0.30% 2024-12-05 2025-04-10
«« First « Prev Page 1 / 9 Next »
cvelogic Threat Intelligence