ABB — Vulnerabilities & Security Advisories 211

Browse all 211 CVE security advisories affecting ABB. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ABB operates as a global leader in electrification and industrial automation, providing critical infrastructure for power grids, manufacturing, and transportation. With 211 recorded Common Vulnerabilities and Exposures (CVEs), the company’s software and hardware ecosystems have historically been susceptible to remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from legacy industrial control systems and web-based management interfaces, exposing operational technology to potential compromise. Notable incidents include the discovery of hardcoded credentials and unpatched firmware in various PLCs and HMIs, which attackers have exploited to gain unauthorized network access. The sheer volume of CVEs highlights significant challenges in maintaining security across diverse, long-lifecycle products. While ABB implements security updates, the complexity of its integrated solutions continues to present persistent risks for industrial environments relying on its technology.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2020-8479 | ABB Central Licensing System - XML External Entity Injection | Central Licensing System | CWE-91 | 9.4 | Critical | 2020-04-29 |
| CVE-2020-8473 | ABB System 800xA Weak File Permissions - ABB System 800xA Base | System 800xA Base | CWE-732 | 7.3 | High | 2020-04-28 |
| CVE-2020-8472 | ABB System 800xA Weak File Permissions - different products | OPC Server for AC 800M | CWE-732 | 5.5 | Medium | 2020-04-28 |
| CVE-2020-8477 | ABB System 800xA Information Manager Remote Code Execution | System 800xA Information Manager | CWE-79 | 8.8 | High | 2020-04-22 |
| CVE-2019-19107 | ABB/Busch-Jaeger Telephone Gateway TG/S 3.2 Information Exposure | TG/S 3.2 Telephone Gateway | CWE-264 | 6.2 | Medium | 2020-04-22 |
| CVE-2019-19106 | ABB/Busch-Jaeger Telephone Gateway TG/S 3.2 Access Control issues | TG/S 3.2 Telephone Gateway | CWE-264 | 9.1 | Critical | 2020-04-22 |
| CVE-2019-19105 | ABB/Busch-Jaeger Telephone Gateway TG/S 3.2 Plaintext storing of credentials | TG/S 3.2 Telephone Gateway | CWE-256 | 6.2 | Medium | 2020-04-22 |
| CVE-2019-19104 | ABB/Busch-Jaeger Telephone Gateway TG/S 3.2 Improper Authentication and Access Control | TG/S 3.2 Telephone Gateway | CWE-287 | 9.1 | Critical | 2020-04-22 |
| CVE-2020-8474 | ABB System 800xA Weak Registry Permissions | System 800xA Base | CWE-275 | 7.8 | High | 2020-04-22 |
| CVE-2019-19002 | ABB eSOMS X-XSS-Protection not enabled | eSOMS | CWE-16 | 6.3 | Medium | 2020-04-02 |
| CVE-2019-19001 | eSOMS X-FrameOption | eSOMS | CWE-16 | 6.5 | Medium | 2020-04-02 |
| CVE-2019-19000 | eSOMS Cachecontrol (Pragma) HTTP Header | eSOMS | CWE-16 | 6.5 | Medium | 2020-04-02 |
| CVE-2019-19097 | ABB eSOMS: SSL medium strength Cipher Suites | eSOMS | CWE-16 | 5.9 | Medium | 2020-04-02 |
| CVE-2019-19096 | ABB eSOMS: REDIS clear text credentials | eSOMS | CWE-257 | 6.1 | Medium | 2020-04-02 |
| CVE-2019-19095 | ABB eSOMS: Stored XSS vulnerability | eSOMS | CWE-20 | 5.4 | Medium | 2020-04-02 |
| CVE-2019-19094 | ABB eSOMS: SQL injection vulnerability | eSOMS | CWE-89 | 7.6 | High | 2020-04-02 |
| CVE-2019-19093 | ABB eSOMS: Password complexity issue | eSOMS | CWE-521 | 6.5 | Medium | 2020-04-02 |
| CVE-2019-19092 | ABB eSOMS: Viewstate without MAC Signature | eSOMS | CWE-16 | 3.5 | Low | 2020-04-02 |
| CVE-2019-19091 | ABB eSOMS: HTTP response information leakage | eSOMS | CWE-16 | 4.3 | Medium | 2020-04-02 |
| CVE-2019-19090 | ABB eSOMS: Secure Flag not set | eSOMS | CWE-16 | 3.5 | Low | 2020-04-02 |
| CVE-2019-19089 | eSOMS: X-Content-Type-Options Header Missing | eSOMS | CWE-16 | 6.1 | Medium | 2020-04-02 |
| CVE-2019-19003 | ABB eSOMS: HTTPOnly flag not set | eSOMS | CWE-16 | 5.3 | Medium | 2020-04-02 |
| CVE-2019-18998 | Asset Suite Direct Object Reference Access | Asset Suite | CWE-284 | 7.1 | High | 2020-02-17 |
| CVE-2019-18996 | ABB PB610 HMIStudio accepts malicious DLL file in an application | PB610 Panel Builder 600 | CWE-424 | 7.1 | High | 2019-12-18 |
| CVE-2019-18997 | PB610 HMISimulator provides interface with access to arbitrary files | PB610 Panel Builder 600 | CWE-424 | 4.3 | Medium | 2019-12-18 |
| CVE-2019-18994 | ABB PB610 HMIStudio crashes after launching an empty *.JPR application file | ABB PB610 Panel Builder 600 | CWE-20 | 3.9 | Low | 2019-12-18 |
| CVE-2019-18995 | ABB PB610 HMISimulator does not check content-length of the HTTP request | PB610 Panel Builder 600 | CWE-20 | 4.3 | Medium | 2019-12-18 |
| CVE-2018-17928 | ABB CMS-770 authorization issue vulnerability | CMS-770 | CWE-287 | 4.6 | - | 2019-01-31 |
| CVE-2018-17926 | ABB M2M ETHERNET FW authorization issue vulnerability | M2M ETHERNET | CWE-287 | 4.3 | - | 2019-01-31 |
| CVE-2018-10616 | ABB Panel Builder 800 input validation vulnerability | ABB Panel Builder 800 | CWE-20 | 8.4 | - | 2018-07-18 |

This page lists every published CVE security advisory associated with ABB. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.