聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。
分配机构(CNA / 来源):[email protected] 移除此筛选
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2025-53190 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 无 | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53189 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 无 | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53188 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 无 | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53191 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 无 | 0.02% | 2025-08-11 | 2025-08-21 |
| CVE-2022-34838 | Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user. | 8.1 | 0.05% | 2022-08-24 | 2026-06-17 |
| CVE-2020-11639 | An attacker could exploit the vulnerability by injecting garbage data or specially crafted data. Depending on the data injected each process might be affected differently. The process could crash or cause communication issues on the affected node, effectively causing a denial-of-service attack. The attacker could tamper with the data transmitted, causing the product to store wrong information or act on wrong data or display wrong information. This issue affects Advant MOD 300 AdvaBuild: from 3 | 7.8 | 0.06% | 2024-07-23 | 2026-06-16 |
| CVE-2024-8315 | An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B&R APROL <4.4-00P5 may allow an authenticated local attacker to read credential information. | 6.8 | 0.06% | 2025-03-25 | 2026-06-17 |
| CVE-2024-13948 | Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of configuration informationThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 6.9 | 0.06% | 2025-05-22 | 2026-06-17 |
| CVE-2025-3394 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. | 8.5 | 0.07% | 2025-04-30 | 2026-06-17 |
| CVE-2025-13162 | Uncontrolled Search Path Element vulnerability in ABB Control Builder A, ABB 800xA for Advant Master. This issue affects Control Builder A: through 1.4/4; 800xA for Advant Master: through 6.0.3-1, through 6.1.1-1, 6.1.1-3, 6.2.0-1. | 4.1 | 0.08% | 2026-06-23 | 2026-06-25 |
| CVE-2025-3395 | Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. | 8.4 | 0.08% | 2025-04-30 | 2026-06-17 |
| CVE-2025-9970 | Cleartext Storage of Sensitive Information in Memory vulnerability in ABB MConfig.This issue affects MConfig: through 1.4.9.21. | 5.7 | 0.09% | 2025-10-08 | 2026-06-17 |
| CVE-2024-10334 | A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used. An attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed. This issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X. | 7.0 | 0.09% | 2025-02-10 | 2026-06-17 |
| CVE-2026-0936 | An Insertion of Sensitive Information into Log File vulnerability in B&R PVI client versions prior to 6.5 may be abused by an authenticated local attacker to gather credential information which is processed by the PVI client application. The logging function of the PVI client application is disabled by default and must be explicitly enabled by the user. | 5.1 | 0.10% | 2026-01-29 | 2026-06-17 |
| CVE-2025-7064 | Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, 2024. | 5.6 | 0.12% | 2026-06-11 | 2026-06-17 |
| CVE-2026-6901 | Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5. | 8.4 | 0.12% | 2026-07-06 | 2026-07-06 |
| CVE-2024-45482 | An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B&R APROL <4.4-00P1 may allow an authenticated local attacker from a trusted remote server to execute malicious commands. | 8.5 | 0.12% | 2025-03-25 | 2026-06-17 |
| CVE-2024-45481 | An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B&R APROL <4.4-00P5 may allow an authenticated local attacker to authenticate as another legitimate user. | 8.5 | 0.12% | 2025-03-25 | 2026-06-17 |
| CVE-2021-22278 | A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed. | 6.7 | 0.12% | 2021-10-28 | 2026-06-16 |
| CVE-2024-4009 | Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System | 7.3 | 0.13% | 2024-06-05 | 2026-06-17 |