CVE-2022-3192 – Improper Check for Unusual or Exceptional Conditions
https://notcve.org/view.php?id=CVE-2022-3192
Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation.This issue affects AC500 V2: from 2.0.0 before 2.8.6. La vulnerabilidad de validación de entrada incorrecta en ABB AC500 V2 PM5xx permite la Manipulación del Protocolo Cliente-Servidor.Este problema afecta a AC500 V2: de la verisón 2.0.0 a la 2.8.6. • https://search.abb.com/library/Download.aspx?DocumentID=3ADR011162&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2023-1258 – Flow-X disclosure of sensitive information to unauthenticated users
https://notcve.org/view.php?id=CVE-2023-1258
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ABB Flow-X firmware on Flow-X embedded hardware (web service modules) allows Footprinting.This issue affects Flow-X: before 4.0. ABB FlowX version 4.00 suffers from a sensitive information exposure vulnerability. • https://www.exploit-db.com/exploits/51603 http://packetstormsecurity.com/files/173610/ABB-FlowX-4.00-Information-Disclosure.html https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A9754&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2022-4126 – Use of Default Password
https://notcve.org/view.php?id=CVE-2022-4126
Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and Passwords.This issue affects RCCMD: before 4.40 230207. • https://search.abb.com/library/Download.aspx?DocumentID=2CMT006099_EN&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-287: Improper Authentication CWE-1393: Use of Default Password •
CVE-2022-26080 – Easily guessable session ID's in NE843 Pulsar Plus Controller
https://notcve.org/view.php?id=CVE-2022-26080
Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C(2) G461(2) – comcode 150047415. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A6732&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.256117643.1223066510.1678942947-1879524908.1677751217 • CWE-330: Use of Insufficiently Random Values •
CVE-2023-0228 – Improper authentication vulnerability in S+ Operations
https://notcve.org/view.php?id=CVE-2023-0228
Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X through 2.1 SP2, 2.2, from 3.X through 3.3 SP1, 3.3 SP2. • https://search.abb.com/library/Download.aspx?DocumentID=7PAA006722&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-287: Improper Authentication •