CVE-2024-51544External Control of System or Configuration Setting in Aspect-ent-12 Firmware

CWE-15External Control of System or Configuration Setting4 documents4 sources
Severity
8.8HIGHNVD
EPSS
3.6%
top 12.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
22
ABB Aspect-ent-12 FirmwareABB Aspect-ent-256 FirmwareABB Aspect-ent-2 Firmware+19 more
Timeline
PublishedDec 5
Latest updateSep 30

Description

Service Control vulnerabilities allow access to service restart requests and vm configuration settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:L/SI:L/SA:L

Affected Packages22 packages

CVEListV5abb/nexus_series3.08.02
CVEListV5abb/matrix_series3.08.02
CVEListV5abb/aspect-enterprise3.08.02
NVDabb/matrix-11_firmware< 3.08.03
NVDabb/nexus-264_firmware< 3.08.03

🔴Vulnerability Details

2
CVEList
Service Control2024-12-05
GHSA
GHSA-6g3p-q5xv-hq72: Service Control vulnerabilities allow access to service restart requests and vm configuration settings2024-12-05

🔍Detection Rules

1
Suricata
ET WEB_SPECIFIC_APPS ABB Cylon Aspect 3.08.02 Arbitrary Heap Memory Configuration (CVE-2024-51544)2025-09-30
CVE-2024-51544 — ABB vulnerability | cvebase