CVE-2024-51547

CWE-798 — Hard-coded Credentials CWE-312 — Cleartext Storage of Sensitive Info3 documents3 sources

Severity

9.3CRITICAL

EPSS

0.1%

top 65.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ABB Aspect-enterprise ABB Matrix Series ABB Nexus Series +19 more

Timeline

PublishedFeb 6

Description

Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages22 packages

▶CVEListV5abb/nexus_series3.*

▶CVEListV5abb/matrix_series3.*

▶CVEListV5abb/aspect-enterprise3.*

▶NVDabb/matrix-11_firmware3.08.03

▶NVDabb/nexus-264_firmware3.08.03

🔴Vulnerability Details

GHSA

GHSA-255m-x7w5-9w65: Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series↗2025-02-06

▶

CVEList

Credentials Disclosure - keys↗2025-02-06

▶