CVE-2025-7679

CWE-306Missing Authentication3 documents3 sources
Severity
9.2CRITICAL
EPSS
0.1%
top 84.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
ABB Aspect
Timeline
PublishedAug 11

Description

The ASPECT system allows users to bypass authentication. This issue affects all versions of ASPECT

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages1 packages

CVEListV5abb/aspectAll versions

🔴Vulnerability Details

2
GHSA
GHSA-9w76-3rx4-6rxf: Missing Authentication for Critical Function vulnerability in ABB Aspect2025-08-11
CVEList
Session ID Basic Auth Bypass2025-08-11
CVE-2025-7679 (CRITICAL CVSS 9.2) | The ASPECT system allows users to b | cvebase.io