Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2025-53188 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53187 | Due to an issue in configuration, code that was intended for debugging purposes was included in the market release of the ASPECT FW allowing an attacker to bypass authentication. This vulnerability may allow an attacker to change the system time, access files, and make function calls without prior authentication. This issue affects all versions of ASPECT prior to 3.08.04-s01 | 9.3 | 0.56% | 2025-08-11 | 2026-04-15 |
| CVE-2025-7745 | Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2. | 6.9 | 0.38% | 2025-07-24 | 2026-04-15 |
| CVE-2025-7705 | : Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500.This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions. | 8.6 | 0.18% | 2025-07-22 | 2026-04-15 |
| CVE-2025-6074 | Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to source code and control network, the attacker can bypass the REST interface authentication and gain access to MQTT configuration data. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. | 6.3 | 0.16% | 2025-07-03 | 2026-04-15 |
| CVE-2025-6073 | Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer for username or password. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. | 8.2 | 0.36% | 2025-07-03 | 2026-04-15 |
| CVE-2025-6072 | Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. | 8.2 | 0.33% | 2025-07-03 | 2026-04-15 |
| CVE-2025-6071 | Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker can gain access to salted information to decrypt MQTT information. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. | 6.3 | 0.23% | 2025-07-03 | 2026-04-15 |
| CVE-2025-4407 | Insufficient Session Expiration vulnerability in ABB Lite Panel Pro.This issue affects Lite Panel Pro: through 1.0.1. | 6.8 | 0.15% | 2025-06-30 | 2026-04-15 |
| CVE-2024-13967 | This vulnerability allows the successful attacker to gain unauthorized access to a configuration web page delivered by the integrated web Server of EIBPORT. This issue affects EIBPORT V3 KNX: through 3.9.8; EIBPORT V3 KNX GSM: through 3.9.8. | 9.4 | 0.44% | 2025-06-04 | 2026-04-15 |
| CVE-2024-13945 | Stored Absolute Path Traversal vulnerabilities in ASPECT could expose sensitive data if administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 8.4 | 0.35% | 2025-05-23 | 2026-04-15 |
| CVE-2024-51553 | Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 7.0 | 0.29% | 2025-05-22 | 2026-04-15 |
| CVE-2024-51552 | Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 7.1 | 0.29% | 2025-05-22 | 2026-04-15 |
| CVE-2024-48848 | Large content vulnerabilities are present in ASPECT exposing a device to disk overutilization on a system if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 7.0 | 0.28% | 2025-05-22 | 2026-04-15 |
| CVE-2024-13958 | Stored Cross Site Scripting vulnerabilities exist in ASPECT if administrator creden-tials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 4.6 | 0.15% | 2025-05-22 | 2026-04-15 |
| CVE-2024-13957 | SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 7.0 | 0.22% | 2025-05-22 | 2026-04-15 |
| CVE-2024-13956 | SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 8.8 | 0.36% | 2025-05-22 | 2026-04-15 |
| CVE-2024-13955 | 2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if administrator credentials become compromised.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 9.4 | 0.31% | 2025-05-22 | 2026-04-15 |
| CVE-2024-13954 | Serialized configuration information may be disclosed during device commissioning while using ASPECT's configuration toolsetThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 5.1 | 0.18% | 2025-05-22 | 2026-04-15 |
| CVE-2024-13953 | Sensitive device logger information in ASPECT may be exposed if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 6.9 | 0.28% | 2025-05-22 | 2026-04-15 |