聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2025-53190 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53189 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53188 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 0.01% | 2025-08-11 | 2025-08-21 |
| CVE-2025-53191 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 0.02% | 2025-08-11 | 2025-08-21 |
| CVE-2022-34838 | Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user. | 8.1 | 0.05% | 2022-08-24 | 2026-06-17 |
| CVE-2020-11639 | An attacker could exploit the vulnerability by injecting garbage data or specially crafted data. Depending on the data injected each process might be affected differently. The process could crash or cause communication issues on the affected node, effectively causing a denial-of-service attack. The attacker could tamper with the data transmitted, causing the product to store wrong information or act on wrong data or display wrong information. This issue affects Advant MOD 300 AdvaBuild: from 3 | 7.8 | 0.06% | 2024-07-23 | 2026-06-16 |
| CVE-2024-8315 | An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B&R APROL <4.4-00P5 may allow an authenticated local attacker to read credential information. | 6.8 | 0.06% | 2025-03-25 | 2026-06-17 |
| CVE-2024-13948 | Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of configuration informationThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | 6.9 | 0.06% | 2025-05-22 | 2026-06-17 |
| CVE-2025-3394 | Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. | 8.5 | 0.07% | 2025-04-30 | 2026-06-17 |
| CVE-2025-13162 | Uncontrolled Search Path Element vulnerability in ABB Control Builder A, ABB 800xA for Advant Master. This issue affects Control Builder A: through 1.4/4; 800xA for Advant Master: through 6.0.3-1, through 6.1.1-1, 6.1.1-3, 6.2.0-1. | 4.1 | 0.08% | 2026-06-23 | 2026-06-25 |
| CVE-2025-3395 | Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. | 8.4 | 0.08% | 2025-04-30 | 2026-06-17 |
| CVE-2025-9970 | Cleartext Storage of Sensitive Information in Memory vulnerability in ABB MConfig.This issue affects MConfig: through 1.4.9.21. | 5.7 | 0.09% | 2025-10-08 | 2026-06-17 |
| CVE-2024-10334 | A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used. An attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed. This issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X. | 7.0 | 0.09% | 2025-02-10 | 2026-06-17 |
| CVE-2026-0936 | An Insertion of Sensitive Information into Log File vulnerability in B&R PVI client versions prior to 6.5 may be abused by an authenticated local attacker to gather credential information which is processed by the PVI client application. The logging function of the PVI client application is disabled by default and must be explicitly enabled by the user. | 5.1 | 0.10% | 2026-01-29 | 2026-06-17 |
| CVE-2025-7064 | Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, 2024. | 5.6 | 0.12% | 2026-06-11 | 2026-06-17 |
| CVE-2024-45482 | An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B&R APROL <4.4-00P1 may allow an authenticated local attacker from a trusted remote server to execute malicious commands. | 8.5 | 0.12% | 2025-03-25 | 2026-06-17 |
| CVE-2024-45481 | An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B&R APROL <4.4-00P5 may allow an authenticated local attacker to authenticate as another legitimate user. | 8.5 | 0.12% | 2025-03-25 | 2026-06-17 |
| CVE-2021-22278 | A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed. | 6.7 | 0.12% | 2021-10-28 | 2026-06-16 |
| CVE-2024-4009 | Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System | 7.3 | 0.13% | 2024-06-05 | 2026-06-17 |
| CVE-2024-10209 | An Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in B&R APROL <4.4-01 may allow an authenticated local attacker to read and alter the configuration of another engineering or runtime user. | 8.5 | 0.13% | 2025-03-25 | 2026-06-17 |