ABB — Vulnerabilities & Security Advisories 211

Browse all 211 CVE security advisories affecting ABB. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ABB operates as a global leader in electrification and industrial automation, providing critical infrastructure for power grids, manufacturing, and transportation. With 211 recorded Common Vulnerabilities and Exposures (CVEs), the company’s software and hardware ecosystems have historically been susceptible to remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from legacy industrial control systems and web-based management interfaces, exposing operational technology to potential compromise. Notable incidents include the discovery of hardcoded credentials and unpatched firmware in various PLCs and HMIs, which attackers have exploited to gain unauthorized network access. The sheer volume of CVEs highlights significant challenges in maintaining security across diverse, long-lifecycle products. While ABB implements security updates, the complexity of its integrated solutions continues to present persistent risks for industrial environments relying on its technology.

Found 58 results / 211
| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2024-13945 | Stored Absolute Path Traversal — ASPECT-Enterprise | CWE-36 | 6.0 | Medium | 2025-05-23 |
| CVE-2024-51552 | Weak Password Storage — ASPECT-Enterprise | CWE-257 | 6.0 | Medium | 2025-05-22 |
| CVE-2024-13958 | Stored Cross Site Scripting — ASPECT-Enterprise | CWE-79 | 4.8 | Medium | 2025-05-22 |
| CVE-2024-13957 | SSRF Server Side Request Forgery — ASPECT-Enterprise | CWE-918 | 7.6 | High | 2025-05-22 |
| CVE-2024-13956 | SSL Verification Bypass — ASPECT-Enterprise | CWE-295 | 6.7 | Medium | 2025-05-22 |
| CVE-2024-13955 | SQL Injection 2nd Order — ASPECT-Enterprise | CWE-89 | 8.8 | High | 2025-05-22 |
| CVE-2024-13954 | Serialization / Deserialization of configuration data — ASPECT-Enterprise | CWE-922 | 6.5 | Medium | 2025-05-22 |
| CVE-2024-13953 | Sensitive Information disclosed in log files — ASPECT-Enterprise | CWE-359 | 4.9 | Medium | 2025-05-22 |
| CVE-2024-13952 | Remote Code Execution — ASPECT-Enterprise | CWE-94 | 8.4 | High | 2025-05-22 |
| CVE-2024-51553 | Predictable Filename — ASPECT-Enterprise | CWE-73 | 6.5 | Medium | 2025-05-22 |
| CVE-2024-13951 | One way hash with predictable salt — ASPECT-Enterprise | CWE-760 | 7.6 | High | 2025-05-22 |
| CVE-2024-13950 | Log Injection — ASPECT-Enterprise | CWE-79 | 6.8 | Medium | 2025-05-22 |
| CVE-2024-13949 | Log Forging — ASPECT-Enterprise | CWE-117 | 6.8 | Medium | 2025-05-22 |
| CVE-2024-48848 | LARGECONTENT - device disk overutilization — ASPECT-Enterprise | CWE-774 | 6.5 | Medium | 2025-05-22 |
| CVE-2024-13948 | Insecure Permissions — ASPECT-Enterprise | CWE-276 | 7.3 | High | 2025-05-22 |
| CVE-2024-13947 | External System or Configuration Control — ASPECT-Enterprise | CWE-863 | 6.0 | Medium | 2025-05-22 |
| CVE-2024-13946 | Binary Planting / LoadLibrary DLL's not Signed — ASPECT-Enterprise | CWE-427 | 6.8 | Medium | 2025-05-22 |
| CVE-2024-13931 | Authenticated Relative Path Traversal — ASPECT-Enterprise | CWE-606 | 7.2 | High | 2025-05-22 |
| CVE-2024-13930 | Authenticated Unchecked Loop Condition — ASPECT-Enterprise | CWE-606 | 4.9 | Medium | 2025-05-22 |
| CVE-2024-13929 | Authenticated Servlet Command Injection — ASPECT-Enterprise | CWE-94 | 7.2 | High | 2025-05-22 |
| CVE-2024-13928 | Authenticated SQL Injection — ASPECT-Enterprise | CWE-94 | 7.2 | High | 2025-05-22 |
| CVE-2025-30169 | Admin Authorized File Upload and Execute PHP — ASPECT-Enterprise | CWE-434 | 6.7 | Medium | 2025-05-22 |
| CVE-2025-30173 | Admin Authorized File Upload — ASPECT-Enterprise | CWE-434 | 6.7 | Medium | 2025-05-22 |
| CVE-2025-30172 | Admin Authorized Remote Code Execution — ASPECT-Enterprise | CWE-94 | 8.0 | High | 2025-05-22 |
| CVE-2025-30171 | Admin Authorized System File Deletion — ASPECT-Enterprise | CWE-863 | 9.0 | Critical | 2025-05-22 |
| CVE-2025-30170 | Admin Authorized Exposure of file path, file size or file existence — ASPECT-Enterprise | CWE-497 | 5.5 | Medium | 2025-05-22 |
| CVE-2025-2409 | Admin Authorized System File corruption — ASPECT-Enterprise | CWE-73 | 9.1 | Critical | 2025-05-22 |
| CVE-2025-2410 | Admin Authorized Port (iptables) manipulation (open/close/disable ports) — ASPECT-Enterprise | CWE-99 | 9.1 | Critical | 2025-05-22 |
| CVE-2024-9639 | Authenticated Remote Code Execution — ASPECT-Enterprise | CWE-94 | 8.0 | High | 2025-05-22 |
| CVE-2024-48850 | Authenticated Absolute Path Traversal — ASPECT-Enterprise | CWE-36 | 7.2 | High | 2025-05-22 |

This page lists every published CVE security advisory associated with ABB. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.