Abb Flxeon vulnerabilities

7 known vulnerabilities affecting abb/flxeon.

Total CVEs
7
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH5MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2025-10207HIGHCVSS 7.5≤ 9.3.52025-09-18
CVE-2025-10207 [HIGH] CWE-1287 CVE-2025-10207: Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.This issue affects FLXEON Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5.
cvelistv5nvd
CVE-2024-48851HIGHCVSS 7.5≤ 9.3.52025-09-18
CVE-2024-48851 [HIGH] CWE-1287 CVE-2024-48851: Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.A remote code execution i Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.A remote code execution is possible due to an improper input validation. This issue affects FLXEON: through 9.3.5.
cvelistv5nvd
CVE-2025-10205HIGHCVSS 8.7≤ 9.3.52025-09-17
CVE-2025-10205 [HIGH] CWE-759 CVE-2025-10205: Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions
cvelistv5nvd
CVE-2024-48842HIGHCVSS 7.3≤ 9.3.52025-09-17
CVE-2024-48842 [HIGH] CWE-798 CVE-2024-48842: Use of Hard-coded Credentials vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5 a Use of Hard-coded Credentials vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5 and newer versions
cvelistv5nvd
CVE-2024-48849HIGHCVSS 8.8PoC≤ <= 9.3.42025-01-29
CVE-2024-48849 [HIGH] CWE-1385 CVE-2024-48849: Missing Origin Validation in WebSockets vulnerability in FLXEON. Session management was not sufficie Missing Origin Validation in WebSockets vulnerability in FLXEON. Session management was not sufficient to prevent unauthorized HTTPS requests. This issue affects FLXEON: through <= 9.3.4.
cvelistv5nvd
CVE-2024-48852MEDIUMCVSS 6.9PoC≤ <= 9.3.42025-01-29
CVE-2024-48852 [MEDIUM] CWE-532 CVE-2024-48852: Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access. This issue affects FLXEON through <= 9.3.4.
cvelistv5nvd
CVE-2024-48841CRITICALCVSS 10.0PoC≤ 9.3.42025-01-27
CVE-2024-48841 [CRITICAL] CWE-77 CVE-2024-48841: Network access can be used to execute arbitrary code with elevated privileges. This issue affe Network access can be used to execute arbitrary code with elevated privileges. This issue affects FLXEON 9.3.4 and older.
cvelistv5nvd