Default Credentials Vulnerability Affects ABB ASPECT on Linux
CVE-2024-51551

10CRITICAL

Key Information:

Vendor: Abb
Status: Aspect-enterprise; Nexus Series; Matrix Series
Vendor: CVE Published:; 5 December 2024

What is CVE-2024-51551?

A vulnerability in the ABB ASPECT product on Linux systems allows unauthorized access due to the use of publicly available default credentials. This issue potentially exposes sensitive system information and functionality to malicious actors. Affected versions include ABB ASPECT - Enterprise v3.07.02, NEXUS Series v3.07.02, and MATRIX Series v3.07.02. It is crucial for users to change default credentials to mitigate the risk associated with this vulnerability.

Affected Version(s)

ASPECT-Enterprise Linux 0 <= 3.07.02

MATRIX Series Linux 0 <= 3.07.02

NEXUS Series Linux 0 <= 3.07.02

References

https://search.abb.com/library/Download.aspx?DocumentID=9...

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 5, 2024
Vulnerability Reserved
Oct 29, 2024

Credit

ABB likes to thank Gjoko Krstikj, Zero Science Lab, for reporting the vulnerabilities in responsible disclosure

Abb

What is CVE-2024-51551?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit