Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abb vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2017-7920
An Improper Authentication issue exists in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access internal ...
Abb Vsn300 Firmware
Abb Vsn300 For React Firmware 2.1.3
294
VMScore
CVE-2018-17926
The product M2M ETHERNET (FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior) is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism.
Abb Fw Firmware
Abb Eth-fw Firmware
383
VMScore
CVE-2018-18997
Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an malicious user to display/execute...
Abb Gate-e1 Firmware
Abb Gate-e2 Firmware
445
VMScore
CVE-2017-9664
In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, and SREA-50 revision A: application versions up to 3.32.8, an attacker may access internal files of ABB SREA-01 and SREA-50 legacy remote monitoring tools without any authorization over the network using a HTTP ...
Abb Srea-50 Firmware
Abb Srea-01 Firmware
668
VMScore
CVE-2018-18995
Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, ...
Abb Gate-e1 Firmware
Abb Gate-e2 Firmware
605
VMScore
CVE-2020-8477
The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an authenticated local user, which might lead to execution of arbitrary code.
Abb 800xa Information Manager 5.1
Abb 800xa Information Manager
Abb 800xa Information Manager 6.1
NA
CVE-2023-0228
Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X up to and including 2.1 SP2, 2.2, from 3.X up to and including 3.3 SP1, 3.3 SP2.
Abb Symphony Plus S\\+ Operations 2.1
Abb Symphony Plus S\\+ Operations
Abb Symphony Plus S\\+ Operations 3.3
Abb Symphony Plus S\\+ Operations 2.2
NA
CVE-2022-1607
Cross-Site Request Forgery (CSRF) vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G2...
Abb Infinity Dc Power Plant
Abb Ne843 S
668
VMScore
CVE-2019-18250
In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an malicious user to remotely bypass authentication and extract credentials from the affected device.
Abb Plant Connect
Abb Power Generation Information Manager
187
VMScore
CVE-2020-8482
Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data
Abb Device Library Wizard
Abb Device Library Wizard 6.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »