聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2026-6901 | Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5. | 8.4 | 0.12% | 2026-07-06 | 2026-07-06 |
| CVE-2026-6900 | Improper certificate validation vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5. | 9.1 | 0.14% | 2026-07-06 | 2026-07-06 |
| CVE-2026-0936 | An Insertion of Sensitive Information into Log File vulnerability in B&R PVI client versions prior to 6.5 may be abused by an authenticated local attacker to gather credential information which is processed by the PVI client application. The logging function of the PVI client application is disabled by default and must be explicitly enabled by the user. | 5.1 | 0.10% | 2026-01-29 | 2026-06-17 |
| CVE-2025-9970 | Cleartext Storage of Sensitive Information in Memory vulnerability in ABB MConfig.This issue affects MConfig: through 1.4.9.21. | 5.7 | 0.09% | 2025-10-08 | 2026-06-17 |
| CVE-2025-9574 | Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP.This issue affects . All firmware versions with the Serial Number from 2000 to 5166 | 9.9 | 0.75% | 2025-10-20 | 2026-06-17 |
| CVE-2025-8754 | Missing Authentication for Critical Function vulnerability in ABB ABB AbilityTM zenon.This issue affects ABB AbilityTM zenon: from 7.50 through 14. | 8.7 | 0.34% | 2025-08-13 | 2026-06-17 |
| CVE-2025-7745 | Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2. | 6.9 | 0.38% | 2025-07-24 | 2026-06-17 |
| CVE-2025-7705 | : Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500.This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions. | 8.6 | 0.18% | 2025-07-22 | 2026-06-17 |
| CVE-2025-7679 | The ASPECT system allows users to bypass authentication. This issue affects all versions of ASPECT | 9.2 | 0.42% | 2025-08-11 | 2026-06-17 |
| CVE-2025-7677 | A denial-of-service (DoS) attack is possible if access to the local network is provided to unauthorized users. This is due to a buffer copy issue that may lead to a software crash. This issue affects all versions of ASPECT. | 8.2 | 0.28% | 2025-08-11 | 2026-06-17 |
| CVE-2025-7064 | Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, 2024. | 5.6 | 0.12% | 2026-06-11 | 2026-06-17 |
| CVE-2025-6074 | Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to source code and control network, the attacker can bypass the REST interface authentication and gain access to MQTT configuration data. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. | 6.3 | 0.16% | 2025-07-03 | 2026-06-17 |
| CVE-2025-6073 | Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer for username or password. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. | 8.2 | 0.36% | 2025-07-03 | 2026-06-17 |
| CVE-2025-6072 | Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field.This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. | 8.2 | 0.33% | 2025-07-03 | 2026-06-17 |
| CVE-2025-6071 | Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker can gain access to salted information to decrypt MQTT information. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. | 6.3 | 0.23% | 2025-07-03 | 2026-06-17 |
| CVE-2025-5517 | Heap-based Buffer Overflow vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (MID/ CE) -Terra AC MID, ABB Terra AC wallbox (MID/ CE) -Terra AC Juno CE, ABB Terra AC wallbox (MID/ CE) -Terra AC PTB, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): through 1.8.32; Terra AC wallbox (UL32A): through 1.8.2; Terra AC wallbox (MID/ CE) -Terra AC MID: through 1.8.32; Terra AC wallbox (MID/ CE) -Terra AC Juno CE: through 1.8.32; | 6.1 | 0.26% | 2025-10-20 | 2026-06-17 |
| CVE-2025-53191 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 0.02% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53190 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53189 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53188 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 0.01% | 2025-08-11 | 2025-08-21 |