
CVE-2025-7745 – Modbus TCP buffer overread
https://notcve.org/view.php?id=CVE-2025-7745
24 Jul 2025 — Buffer Over-read vulnerability in ABB AC500 V2. This issue affects AC500 V2: through 2.5.2. • https://search.abb.com/library/Download.aspx?DocumentID=3ADR011432&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-126: Buffer Over-read •

CVE-2025-7705 – Authentication bypass due to compatibility mode enabled by default
https://notcve.org/view.php?id=CVE-2025-7705
22 Jul 2025 — Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door/light 4 DU -83330-500. This issue affects Switch Actuator 4 DU-83330: All Versions; Switch actuator, door/light 4 DU -83330-500: All Versions. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A4556&LanguageCode=en&DocumentPartId=pdf&Action=Launch&_gl=1*1sgofnl*_gcl_au*MjA0NTI4OTE1Mi4xNzUzMTgxNTA2*_ga*MTIxMTUxMzg5MS4xNzUzMTgxNTA3*_ga_46ZFBRSZNM*czE3NTMxODE1MDckbzEkZzEkdDE3NTMxODE2MDIkajYwJGwwJGgw • CWE-489: Active Debug Code •

CVE-2025-6071 – Hard Coded Key used for AES encryption
https://notcve.org/view.php?id=CVE-2025-6071
03 Jul 2025 — Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker can gain access to salted information to decrypt MQTT information. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A3623&LanguageCode=en&DocumentPartId=PDF&Action=Launch • CWE-321: Use of Hard-coded Cryptographic Key •

CVE-2025-6072 – Stack Buffer Overflow in MQTTCore
https://notcve.org/view.php?id=CVE-2025-6072
03 Jul 2025 — Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and CVE-2025-6074 is exploited, the attacker can use the JSON configuration to overflow the date of expiration field. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A3623&LanguageCode=en&DocumentPartId=PDF&Action=Launch • CWE-121: Stack-based Buffer Overflow •

CVE-2025-6073 – Stack Buffer Overflow in MQTTCore
https://notcve.org/view.php?id=CVE-2025-6073
03 Jul 2025 — Stack-based Buffer Overflow vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to the control network, and user/password broker authentication is enabled, and CVE-2025-6074 is exploited, the attacker can overflow the buffer for username or password. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A3623&LanguageCode=en&DocumentPartId=PDF&Action=Launch • CWE-121: Stack-based Buffer Overflow •

CVE-2025-6074 – Authentication Bypass to the MQTT configuration Web Interface
https://notcve.org/view.php?id=CVE-2025-6074
03 Jul 2025 — Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the REST interface is enabled by the user, and an attacker gains access to source code and control network, the attacker can bypass the REST interface authentication and gain access to MQTT configuration data. This issue affects RMC-100: from 2105457-043 through 2105457-045; RMC-100 LITE: from 2106229-015 through 2106229-016. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A3623&LanguageCode=en&DocumentPartId=PDF&Action=Launch • CWE-321: Use of Hard-coded Cryptographic Key •

CVE-2025-4407 – Application does not invalidate session after password reset
https://notcve.org/view.php?id=CVE-2025-4407
30 Jun 2025 — Insufficient Session Expiration vulnerability in ABB Lite Panel Pro. This issue affects Lite Panel Pro: through 1.0.1. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A2771&LanguageCode=en&DocumentPartId=PDF&Action=Launch • CWE-613: Insufficient Session Expiration •

CVE-2024-13967 – Session-Management Failure
https://notcve.org/view.php?id=CVE-2024-13967
04 Jun 2025 — This vulnerability allows the successful attacker to gain unauthorized access to a configuration web page delivered by the integrated web Server of EIBPORT. This issue affects EIBPORT V3 KNX: through 3.9.8; EIBPORT V3 KNX GSM: through 3.9.8. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A1621&LanguageCode=en&DocumentPartId=pdf&Action=Launch • CWE-384: Session Fixation •

CVE-2024-13945 – Stored Absolute Path Traversal
https://notcve.org/view.php?id=CVE-2024-13945
23 May 2025 — Stored Absolute Path Traversal vulnerabilities in ASPECT could expose sensitive data if administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&LanguageCode=en&DocumentPartId=pdf&Action=Launch • CWE-36: Absolute Path Traversal •

CVE-2024-51552 – Weak Password Storage
https://notcve.org/view.php?id=CVE-2024-51552
22 May 2025 — Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. • https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&LanguageCode=en&DocumentPartId=pdf&Action=Launch • CWE-257: Storing Passwords in a Recoverable Format •