Abb Vulnerabilidad

Cronología

Escribe

Producto

ABB eSOMS14
ABB Symphony Plus Operations9
ABB Symphony Plus Historian9
ABB IDAL6
ABB Base Software for SoftControl5

Contramedidas

Official Fix23
Temporary Fix0
Workaround4
Unavailable0
Not Defined118

Explotabilidad

High0
Functional0
Proof-of-Concept1
Unproven0
Not Defined144

Vector de acceso

Not Defined0
Physical2
Local41
Adjacent13
Network89

Autenticación

Not Defined0
High6
Low61
None78

La interacción del usuario

Not Defined0
Required23
None122

C3BM Index

CVSSv3 Base

≤10
≤20
≤34
≤47
≤511
≤636
≤728
≤827
≤923
≤109

CVSSv3 Temp

≤10
≤20
≤34
≤47
≤512
≤635
≤729
≤828
≤921
≤109

VulDB

≤10
≤20
≤35
≤419
≤514
≤637
≤723
≤825
≤914
≤108

NVD

≤10
≤20
≤31
≤45
≤55
≤613
≤717
≤823
≤917
≤1015

CNA

≤10
≤20
≤30
≤42
≤54
≤65
≤712
≤818
≤98
≤102

Proveedor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Explotar día 0

<1k39
<2k65
<5k40
<10k0
<25k1
<50k0
<100k0
≥100k0

Explotar hoy

<1k122
<2k19
<5k4
<10k0
<25k0
<50k0
<100k0
≥100k0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Products (103): 800xA (1), ABB AC500 V2 PM5xx (1), AC500 V2 (2), AC 700F (2), AC 900F (2), AO-OPC (1), ARG600 Wireless Gateway (1), ASPECT Enterprise (2), Ability Zenon (4), Asset Suite (1), Base Software for SoftControl (5), CP400 Panel Builder (1), CP635 HMI (1), CP651 (1), Compact Product Suite - Control and IO (1), Control Builder M Professional (2), Control Builder Safe (1), Control Software for AC 800M (1), ControlTouch (1), Counterparty Settlement Billing (1), Counterparty Settlement and Billing (1), DataManagerPro (1), Device Library Wizard (1), Drive Composer (4), Ellipse (1), Ellipse APM (1), Flow-X (1), Fox515T (2), HMI (1), Hitachi Energy MSM (2), IDAL (6), IP Gateway (3), Infinity DC Power Plant (2), MMSServer for AC800M (2), MMS Server for AC 800M (1), MicroSCADA (1), MicroSCADA Pro SYS600 (1), Mint WorkBench (1), My Control System (1), OPC Server for AC 800M (1), PB610 Panel Builder 600 (4), PCM600 (4), PCM600 Update Manager (1), PCU400 (1), PNI800 (3), Panel Builder 800 (2), PickMaster 3 (1), Plant Connect (1), Platform Engineering Tools (1), Pluto Safety PLC Gateway Ethernet GATE-E1 (2), Pluto Safety PLC Gateway Ethernet GATE-E2 (2), Power Generation Information Manager (1), Power Grids Retail Operations (1), Power Grids System Data Manager DM600 (1), Power Grids eSOMS (1), Product (1), Products (4), Programmable Logic Controller (1), Pulsar Plus System Controller NE843_S (2), QCS 800xA (1), QCS AC450 (1), QuickTeach (1), RCCMD (1), REX640 PCL1 (2), REX640 PCL2 (2), REX640 PCL3 (2), RMC-100 Standard (1), RMC-100-LITE (1), RTU500 (3), Relion 630 (1), Relion 650 (1), Relion 670 (1), Relion Protection Relays (1), Retail Operations (1), RobotWare for OmniCore Robot Controller (1), SPIET800 (3), SREA-01 (1), SREA-50 (1), Symphony Plus Historian (9), Symphony Plus Operations (9), Symphony Plus S+ Operations (1), System 800xA Base (3), System 800xA Batch Management (1), System 800xA Information Management (1), System 800xA Information Manager (1), System 800xA OPC Server for AC800M (2), System 800xA RNRP (1), System 800xA for DCI (1), System 800xA for MOD 300 (1), Telephone Gateway TG-S (4), Terra AC (2), Test Signal Viewer (1), UDC (1), VSN300 WiFi Logger Card (2), XFCG5 (1), XIO (1), XRCG5 (1), Zenon (3), e-Design (2), eSOMS (15), free@home System Access Point (1), netCADOPS Web Application (1), uFLOG5 (1)

Fecha de publicaciónBaseTempVulnerabilidadProdExpConCTIEPSSCVE
2023-08-077.87.8ABB AC 700F/AC 900F desbordamiento de búferDesconocidoNot DefinedNot Defined0.040.00046CVE-2023-0426
2023-08-077.87.8ABB AC 700F/AC 900F Controller Module Remote Code ExecutionDesconocidoNot DefinedNot Defined0.030.00046CVE-2023-0425
2023-07-286.66.6ABB AO-OPC escalada de privilegiosDesconocidoNot DefinedNot Defined0.000.00043CVE-2023-2685
2023-07-265.65.6ABB RTU500 HCI IEC 60870-5-104 desbordamiento de búferDesconocidoNot DefinedNot Defined0.000.00046CVE-2022-4608
2023-07-265.65.6ABB RTU500 HCI IEC 60870-5-104 desbordamiento de búferDesconocidoNot DefinedNot Defined0.020.00046CVE-2022-2502
2023-07-246.86.8ABB Ability Zenon escalada de privilegiosDesconocidoNot DefinedNot Defined0.000.00050CVE-2023-3324
2023-07-245.95.9ABB Ability Zenon escalada de privilegiosDesconocidoNot DefinedNot Defined0.000.00044CVE-2023-3323
2023-07-247.47.4ABB Ability Zenon escalada de privilegiosDesconocidoNot DefinedNot Defined0.000.00050CVE-2023-3322
2023-07-247.67.6ABB Ability Zenon Local Privilege EscalationDesconocidoNot DefinedNot Defined0.020.00050CVE-2023-3321
2023-06-134.14.1ABB REX640 PCL1/REX640 PCL2/REX640 PCL3 Firmware Module escalada de privilegiosDesconocidoNot DefinedOfficial Fix0.020.00046CVE-2023-2876
2023-06-058.18.0ABB ASPECT Enterprise escalada de privilegiosDesconocidoNot DefinedOfficial Fix0.000.00061CVE-2023-0636
2023-06-058.58.4ABB ASPECT Enterprise escalada de privilegiosDesconocidoNot DefinedOfficial Fix0.030.00091CVE-2023-0635
2023-05-225.55.5ABB QCS 800xA/QCS AC450/Platform Engineering Tools divulgación de informaciónDesconocidoNot DefinedNot Defined0.000.00043CVE-2022-0010
2023-05-175.05.0ABB Terra AC cifrado débilDesconocidoNot DefinedNot Defined0.000.00044CVE-2023-0864
2023-05-178.88.8ABB Terra AC autenticación débilDesconocidoNot DefinedNot Defined0.000.00056CVE-2023-0863
2023-04-077.27.2ABB My Control System divulgación de informaciónDesconocidoNot DefinedNot Defined0.020.00091CVE-2023-0580
2023-03-315.35.2ABB ABB AC500 V2 PM5xx escalada de privilegiosDesconocidoNot DefinedOfficial Fix0.000.00055CVE-2022-3192
2023-03-315.35.2ABB Flow-X Web Service divulgación de informaciónDesconocidoNot DefinedOfficial Fix0.000.02751CVE-2023-1258
2023-03-279.49.3ABB RCCMD autenticación débilDesconocidoNot DefinedOfficial Fix0.020.00105CVE-2022-4126
2023-03-165.45.4ABB Pulsar Plus System Controller NE843_S cifrado débilDesconocidoNot DefinedNot Defined0.000.00053CVE-2022-26080
2023-03-027.57.5ABB Symphony Plus S+ Operations autenticación débilDesconocidoNot DefinedNot Defined0.000.00056CVE-2023-0228
2023-02-286.46.3ABB Relion Protection Relays denegación de servicioDesconocidoNot DefinedOfficial Fix0.000.00043CVE-2021-22283
2023-02-245.95.9ABB Pulsar Plus System Controller NE843_S cross site request forgeryDesconocidoNot DefinedNot Defined0.000.00062CVE-2022-1607
2022-08-257.07.0ABB Zenon Local Privilege EscalationDesconocidoNot DefinedNot Defined0.000.00044CVE-2022-34838
2022-08-255.65.6ABB Zenon Local Privilege EscalationDesconocidoNot DefinedNot Defined0.000.00044CVE-2022-34837

120 no se muestran más entradas

Might our Artificial Intelligence support you?

Check our Alexa App!