彙總 ABB 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
歷史漏洞主要涉及 緩衝區溢位與跨站腳本 等問題,部分漏洞可能導致 應用程式崩潰,並影響 軟體部署與生產負載 相關場景。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2025-14774 | Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | [email protected] | 7.2 | 0.15% | 2026-06-03 | 2026-06-04 |
| CVE-2025-14773 | Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | [email protected] | 7.2 | 0.18% | 2026-06-03 | 2026-06-04 |
| CVE-2025-14772 | Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | [email protected] | 7.3 | 0.25% | 2026-06-03 | 2026-06-04 |
| CVE-2025-14771 | Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | [email protected] | 7.3 | 0.29% | 2026-06-03 | 2026-06-04 |
| CVE-2025-3395 | Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. | [email protected] | 8.4 | 0.08% | 2025-04-30 | 2025-05-28 |
| CVE-2025-3394 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. | [email protected] | 8.5 | 0.07% | 2025-04-30 | 2025-05-28 |
| CVE-2024-51547 | Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | [email protected] | 9.3 | 0.57% | 2025-02-06 | 2025-05-23 |
| CVE-2024-6784 | Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.7 | 0.49% | 2024-12-05 | 2025-04-10 |
| CVE-2024-6516 | Cross Site Scripting vulnerabilities where found providing a potential for malicious scripts to be injected into a client browser. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 9.3 | 1.08% | 2024-12-05 | 2025-02-27 |
| CVE-2024-6515 | Web browser interface may manipulate application username/password in clear text or Base64 encoding providing a higher probability of unintended credentails exposure. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.7 | 0.40% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51554 | Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.8 | 0.39% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51551 | Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02 | [email protected] | 9.3 | 0.42% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51550 | Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 9.3 | 1.79% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51549 | Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 9.3 | 0.53% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51548 | Dangerous File Upload vulnerabilities allow upload of malicious scripts. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.7 | 0.58% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51546 | Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.7 | 1.47% | 2024-12-05 | 2025-04-10 |
| CVE-2024-51545 | Username Enumeration vulnerabilities allow access to application level username add, delete, modify and list functions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 9.3 | 0.42% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51544 | Service Control vulnerabilities allow access to service restart requests and vm configuration settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.8 | 13.52% | 2024-12-05 | 2025-04-10 |
| CVE-2024-51543 | Information Disclosure vulnerabilities allow access to application configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.8 | 0.29% | 2024-12-05 | 2025-02-27 |
| CVE-2024-51542 | Configuration Download vulnerabilities allow access to dependency configuration information. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 | [email protected] | 8.8 | 0.30% | 2024-12-05 | 2025-04-10 |