CVE-2024-13954

CWE-9223 documents3 sources
Severity
5.1MEDIUM
EPSS
0.1%
top 73.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
ABB Aspect-enterpriseABB Matrix SeriesABB Nexus Series
Timeline
PublishedMay 22

Description

Serialized configuration information may be disclosed during device commissioning while using ASPECT's configuration toolsetThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

Affected Packages3 packages

CVEListV5abb/nexus_series3.*
CVEListV5abb/matrix_series3.*
CVEListV5abb/aspect-enterprise3.*

🔴Vulnerability Details

2
GHSA
GHSA-7r8r-45g3-pmf8: Serialized configuration information may be disclosed during device commissioning while using ASPECT's configuration toolsetThis issue affects ASPECT-2025-05-22
CVEList
Serialization / Deserialization of configuration data2025-05-22
CVE-2024-13954 (MEDIUM CVSS 5.1) | Serialized configuration informatio | cvebase.io