Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abb vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-7916
A Permissions, Privileges, and Access Controls issue exists in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. The web application does not properly restrict privileges of the Guest account. A malicious user m...
Abb Vsn300 Firmware
Abb Vsn300 For React Firmware 2.1.3
7.5
CVSSv3
CVE-2017-7920
An Improper Authentication issue exists in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access internal ...
Abb Vsn300 Firmware
Abb Vsn300 For React Firmware 2.1.3
6.1
CVSSv3
CVE-2018-18997
Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an malicious user to display/execute...
Abb Gate-e1 Firmware
Abb Gate-e2 Firmware
9.8
CVSSv3
CVE-2018-18995
Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, ...
Abb Gate-e1 Firmware
Abb Gate-e2 Firmware
9.8
CVSSv3
CVE-2017-9664
In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, and SREA-50 revision A: application versions up to 3.32.8, an attacker may access internal files of ABB SREA-01 and SREA-50 legacy remote monitoring tools without any authorization over the network using a HTTP ...
Abb Srea-50 Firmware
Abb Srea-01 Firmware
8.8
CVSSv3
CVE-2020-8477
The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an authenticated local user, which might lead to execution of arbitrary code.
Abb 800xa Information Manager 5.1
Abb 800xa Information Manager
Abb 800xa Information Manager 6.1
8.8
CVSSv3
CVE-2023-0228
Improper Authentication vulnerability in ABB Symphony Plus S+ Operations.This issue affects Symphony Plus S+ Operations: from 2.X up to and including 2.1 SP2, 2.2, from 3.X up to and including 3.3 SP1, 3.3 SP2.
Abb Symphony Plus S\\+ Operations 2.1
Abb Symphony Plus S\\+ Operations
Abb Symphony Plus S\\+ Operations 3.3
Abb Symphony Plus S\\+ Operations 2.2
9.8
CVSSv3
CVE-2019-18250
In all versions of ABB Power Generation Information Manager (PGIM) and Plant Connect, the affected product is vulnerable to authentication bypass, which may allow an malicious user to remotely bypass authentication and extract credentials from the affected device.
Abb Plant Connect
Abb Power Generation Information Manager
8.8
CVSSv3
CVE-2022-1607
Cross-Site Request Forgery (CSRF) vulnerability in ABB Pulsar Plus System Controller NE843_S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843_S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G2...
Abb Infinity Dc Power Plant
Abb Ne843 S
5.5
CVSSv3
CVE-2020-8482
Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data
Abb Device Library Wizard
Abb Device Library Wizard 6.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »