CVE-2025-30171

CWE-863 — Incorrect Authorization4 documents4 sources

Severity

7.3HIGH

EPSS

0.4%

top 42.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

ABB Aspect-enterprise ABB Matrix Series ABB Nexus Series

Timeline

PublishedMay 22

Description

System File Deletion vulnerabilities in ASPECT provide attackers access to delete system files if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/S:N

Affected Packages3 packages

▶CVEListV5abb/nexus_series3.08.03

▶CVEListV5abb/matrix_series3.08.03

▶CVEListV5abb/aspect-enterprise3.08.03

🔴Vulnerability Details

GHSA

GHSA-9vwh-wfrg-2h6f: System File Deletion vulnerabilities in ASPECT provide attackers access to delete system files if session administrator credentials become compromised↗2025-05-22

▶

CVEList

Admin Authorized System File Deletion↗2025-05-22

▶