Linux Data Validation/Data Sanitization Vulnerabilities Affect ABB ASPECT Devices
CVE-2024-51550
10CRITICAL
Key Information
- Vendor
- Abb
- Status
- Aspect-enterprise
- Nexus Series
- Matrix Series
- Vendor
- CVE Published:
- 5 December 2024
Summary
Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
Affected Version(s)
ASPECT-Enterprise <= 3.08.02
NEXUS Series <= 3.08.02
MATRIX Series <= 3.08.02
CVSS V3.1
Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Risk change from: null to: 10 - (CRITICAL)
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
ABB likes to thank Gjoko Krstikj, Zero Science Lab, for reporting the vulnerabilities in responsible disclosure