CVE-2024-51554Off-by-one Error in Aspect-ent-12 Firmware

CWE-193Off-by-one Error3 documents3 sources
Severity
8.8HIGHNVD
EPSS
0.2%
top 56.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
22
ABB Aspect-ent-12 FirmwareABB Aspect-ent-256 FirmwareABB Aspect-ent-2 Firmware+19 more
Timeline
PublishedDec 5

Description

Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L

Affected Packages22 packages

CVEListV5abb/nexus_series3.08.02
CVEListV5abb/matrix_series3.08.02
CVEListV5abb/aspect-enterprise3.08.02

🔴Vulnerability Details

2
CVEList
off-by-one-error2024-12-05
GHSA
GHSA-xj26-gx3h-x793: Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials2024-12-05
CVE-2024-51554 — Off-by-one Error in ABB | cvebase