CVSS: 10.0EPSS: 2%CPEs: 38EXPL: 2CVE-2024-6209 – unauthorized file access
https://notcve.org/view.php?id=CVE-2024-6209
05 Jul 2024 — Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v <=3.08.01; NEXUS Series v <=3.08.01 ; MATRIX Series v<=3.08.01 allows Attacker to access files unauthorized Acceso no autorizado a archivos en WEB Server en ABB ASPECT - Enterprise v <=3.08.01; Serie NEXUS v <=3.08.01; MATRIX Series v<=3.08.01 permite a un atacante acceder a archivos no autorizados Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attac... • https://packetstorm.news/files/id/181802 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 10.0EPSS: 7%CPEs: 38EXPL: 2CVE-2024-6298 – remote code execution
https://notcve.org/view.php?id=CVE-2024-6298
05 Jul 2024 — Improper Input Validation vulnerability in ABB ASPECT-Enterprise on Linux, ABB NEXUS Series on Linux, ABB MATRIX Series on Linux allows Remote Code Inclusion.This issue affects ASPECT-Enterprise: through 3.08.01; NEXUS Series: through 3.08.01; MATRIX Series: through 3.08.01. Vulnerabilidad de validación de entrada incorrecta en ABB ASPECT-Enterprise en Linux, ABB NEXUS Series en Linux, ABB MATRIX Series en Linux permite la inclusión remota de código. Este problema afecta a ASPECT-Enterprise: hasta 3.08.01; ... • https://packetstorm.news/files/id/181803 • CWE-20: Improper Input Validation CWE-1287: Improper Validation of Specified Type of Input •
CVSS: 10.0EPSS: 0%CPEs: 38EXPL: 1CVE-2023-0636 – Remote Code Execution via Command Injection
https://notcve.org/view.php?id=CVE-2023-0636
05 Jun 2023 — Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG100103... • https://packetstorm.news/files/id/181827 • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 38EXPL: 0CVE-2023-0635 – Privilege escalation to root
https://notcve.org/view.php?id=CVE-2023-0635
05 Jun 2023 — Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R2021, 2CQG100106R2021, 2CQG100110R2021, 2CQG100112R2021, 2CQG100103R2021, 2CQG100107R2021, 2CQG100108R2021, 2CQG100109R2021, 2CQG100111R2021, 2CQG100113R2021 modules), ABB Ltd. MATRIX Series on MATRIX Series, Linux (2CQG100102R1021, 2CQG10... • https://search.abb.com/library/Download.aspx?DocumentID=2CKA000073B5403&LanguageCode=en&DocumentPartId=&Action=Launch • CWE-269: Improper Privilege Management CWE-1391: Use of Weak Credentials •