汇总 ABB 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
历史漏洞主要涉及 缓冲区溢出与跨站脚本 等问题,部分漏洞可能导致 应用崩溃,并影响 软件部署与生产负载 相关场景。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2025-14774 | Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | [email protected] | 7.2 | 0.03% | 2026-06-03 | 2026-06-04 |
| CVE-2025-14773 | Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | [email protected] | 7.2 | 0.04% | 2026-06-03 | 2026-06-04 |
| CVE-2025-14772 | Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | [email protected] | 7.3 | 0.04% | 2026-06-03 | 2026-06-04 |
| CVE-2025-14771 | Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | [email protected] | 7.3 | 0.05% | 2026-06-03 | 2026-06-04 |
| CVE-2025-3395 | Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. | [email protected] | 8.4 | 0.01% | 2025-04-30 | 2025-05-28 |
| CVE-2025-3394 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. | [email protected] | 8.5 | 0.07% | 2025-04-30 | 2025-05-28 |
| CVE-2024-51547 | Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | [email protected] | 9.3 | 0.14% | 2025-02-06 | 2025-05-23 |
| CVE-2024-6784 | Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.7 | 0.36% | 2024-12-05 | 2025-04-10 |
| CVE-2024-6516 | Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 9.3 | 3.55% | 2024-12-05 | 2025-02-27 |
| CVE-2024-6515 | Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.7 | 0.20% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51554 | Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.8 | 0.28% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51551 | Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02 | [email protected] | 9.3 | 0.42% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51550 | Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 9.3 | 4.75% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51549 | Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 9.3 | 0.30% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51548 | Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.7 | 0.38% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51546 | Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.7 | 17.07% | 2024-12-05 | 2025-04-10 |
| CVE-2024-51545 | Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 9.3 | 0.42% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51544 | Service Control vulnerabilities allow access to service restart requests and vm configuration settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.8 | 4.73% | 2024-12-05 | 2025-04-10 |
| CVE-2024-51543 | Information Disclosure vulnerabilities allow access to application configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.8 | 0.29% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51542 | Configuration Download vulnerabilities allow access to dependency configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.8 | 0.30% | 2024-12-05 | 2025-04-10 |