CVE-2024-4007
published 2024-07-01CVE-2024-4007: Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured.
high8.7CVSS 4.0
AVAACLATNPRNUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSNAUNRUVDRELURed
EXPLOIT
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| abb | aspect-ent-12_firmware | < 3.07.02 | 3.07.02 |
| abb | aspect-ent-256_firmware | < 3.07.02 | 3.07.02 |
| abb | aspect-ent-2_firmware | < 3.07.02 | 3.07.02 |
| abb | aspect-ent-96_firmware | < 3.07.02 | 3.07.02 |
| abb | aspect_enterprise | — | — |
| abb | matrix-11_firmware | < 3.07.02 | 3.07.02 |
| abb | matrix-216_firmware | < 3.07.02 | 3.07.02 |
| abb | matrix-232_firmware | < 3.07.02 | 3.07.02 |
| abb | matrix-264_firmware | < 3.07.02 | 3.07.02 |
| abb | matrix-296_firmware | < 3.07.02 | 3.07.02 |
| abb | matrix_series | — | — |
| abb | nexus-2128_firmware | < 3.07.02 | 3.07.02 |
| abb | nexus-264_firmware | < 3.07.02 | 3.07.02 |
| abb | nexus-3-2128_firmware | < 3.07.02 | 3.07.02 |
| abb | nexus-3-264_firmware | < 3.07.02 | 3.07.02 |