Port Manipulation Vulnerability Affecting ASPECT and NEXUS Products by ABB
CVE-2025-2410

8.9HIGH

Key Information:

Vendor

Abb

Status
Aspect-enterprise
Nexus Series
Matrix Series
Vendor
CVE Published:
22 May 2025

What is CVE-2025-2410?

A vulnerability has been identified in ABB's ASPECT software, enabling potential attackers to manipulate TCP/IP port access if the session administrator's credentials are compromised. This flaw affects multiple product lines including ASPECT-Enterprise, NEXUS Series, and MATRIX Series, all versions up to 3.08.03. Mitigating this vulnerability is critical to ensure network security and prevent unauthorized access to sensitive systems.

Affected Version(s)

ASPECT-Enterprise Linux 0 <= 3.08.03

MATRIX Series Linux 0 <= 3.08.03

NEXUS Series Linux 0 <= 3.08.03

References

https://search.abb.com/library/Download.aspx?DocumentID=9...

CVSS V4

Score:
8.9
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-2410 : Port Manipulation Vulnerability Affecting ASPECT and NEXUS Products by ABB