Abb Security Vulnerabilities (CVEs)
Track 40 security vulnerabilities affecting Abb products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability in ABB Automation Builder allows attackers to access sensitive information stored in cleartext and potentially modify critical reso...
Apr 30, 2025This CVE describes a use of hard-coded credentials vulnerability in multiple ABB industrial control system products. Attackers can use these embedded ...
Feb 6, 2025This vulnerability in ABB industrial control system web interfaces exposes authentication credentials in clear text or Base64 encoding during transmis...
Dec 5, 2024This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in ABB industrial control system products that allows attackers to make the serv...
Dec 5, 2024CVE-2024-51548 is a dangerous unrestricted file upload vulnerability in ABB ASPECT, NEXUS, and MATRIX series products that allows attackers to upload ...
Dec 5, 2024This CVE describes a data validation/sanitization vulnerability in ABB ASPECT industrial control system devices that allows injection of unvalidated d...
Dec 5, 2024CVE-2024-51554 is a default credential vulnerability in ABB ASPECT products on Linux that allows attackers to gain unauthorized access using publicly ...
Dec 5, 2024This vulnerability allows attackers to bypass MD5 checksum validation in ABB industrial control systems, potentially enabling malicious code execution...
Dec 5, 2024This CVE allows attackers to download configuration files containing dependency information from ABB industrial control systems. This affects ABB ASPE...
Dec 5, 2024This vulnerability in ABB's Service Control allows attackers to access service restart requests and virtual machine configuration settings. It affects...
Dec 5, 2024This CVE describes a username enumeration vulnerability in ABB industrial control system products that allows attackers to access user management func...
Dec 5, 2024This critical vulnerability in ABB ASPECT, NEXUS, and MATRIX series allows remote attackers to execute arbitrary code on affected systems by sending s...
Dec 5, 2024This CVE describes a Denial of Service vulnerability in ABB's ASPECT, NEXUS, and MATRIX series products. Attackers can exploit this vulnerability to c...
Dec 5, 2024This CVE describes weak password reset rules in ABB building automation systems that allow storage of weak passwords, potentially enabling unauthorize...
Dec 5, 2024CVE-2024-11317 is a session fixation vulnerability in ABB ASPECT, NEXUS, and MATRIX series products that allows attackers to set a user's session ID b...
Dec 5, 2024This CVE describes a file size check vulnerability in ABB ASPECT, NEXUS, and MATRIX series products that allows attackers to bypass file size limits. ...
Dec 5, 2024CVE-2020-11639 is a local privilege escalation vulnerability in Advant MOD 300 AdvaBuild that allows attackers with local access to inject malicious d...
Jul 23, 2024This vulnerability allows attackers to access files without authorization in ABB ASPECT-Enterprise, NEXUS Series, and MATRIX Series web servers. It af...
Jul 5, 2024This vulnerability involves default credentials in ABB ASPECT, NEXUS, and MATRIX Series version 3.07 install packages. Attackers can exploit this to l...
Jul 1, 2024This vulnerability allows attackers to gain unauthorized access to the local KNX bus system in ABB, Busch-Jaeger, and FTS building automation devices....
Jun 5, 2024This CVE describes a NULL pointer dereference vulnerability in ABB RobotWare that allows attackers to cause denial of service conditions. When exploit...
May 14, 2024A numeric range comparison vulnerability in ABB Freelance controllers allows attackers to cause denial of service by exploiting missing minimum value ...
Aug 7, 2023This vulnerability allows low-privileged users to read and modify data in Zenon system directories, potentially enabling unauthorized access and manip...
Jul 24, 2023This vulnerability allows authenticated attackers on the same network segment as CoreTec 4 systems to execute arbitrary shell commands through the web...
Jun 28, 2023This CVE describes an improper privilege management vulnerability in ABB's ASPECT-Enterprise, NEXUS Series, and MATRIX Series products running on Linu...
Jun 5, 2023This CVE describes an improper authentication vulnerability in multiple ABB Terra AC wallbox electric vehicle charging station models. Attackers can b...
May 17, 2023CVE-2022-4126 is a vulnerability in ABB RCCMD software on Windows, Linux, and macOS, where the system uses default or common passwords, allowing attac...
Mar 27, 2023CVE-2023-0228 is an improper authentication vulnerability in ABB Symphony Plus S+ Operations that allows attackers to bypass authentication mechanisms...
Mar 2, 2023This CVE combines path traversal and command injection vulnerabilities in ABB flow computer and remote controller products. Attackers can exploit thes...
Jul 21, 2022This vulnerability in ABB Drive Composer allows low-privileged users to create and write arbitrary files anywhere on the file system with SYSTEM privi...
Jun 15, 2022This vulnerability in ABB Drive Composer allows low-privileged users to create and write arbitrary files anywhere on the file system with SYSTEM privi...
Jun 15, 2022This vulnerability in ABB ARG600 Wireless Gateway series allows remote attackers to connect to serial port gateways and protocol converters depending ...
May 10, 2022A validation error in the HCI Modbus TCP function in RTU500 devices allows attackers to send specially crafted messages causing the receiving RTU500 C...
May 2, 2022This CVE describes an improper input validation vulnerability in multiple ABB industrial control system products. An attacker can send specially craft...
Apr 1, 2022CVE-2021-22284 is an incorrect permission assignment vulnerability in ABB's OPC Server for AC 800M that allows attackers to execute arbitrary code on ...
Feb 4, 2022An improper input validation vulnerability in ABB SPIET800 and PNI800 modules allows attackers to send specially crafted input that causes denial of s...
Feb 4, 2022CVE-2020-24672 is a critical vulnerability in ABB's SoftControl Base Software that allows remote attackers to execute arbitrary code on affected syste...
Sep 8, 2021This critical SQL injection vulnerability in ABB's S+ Operations and S+ Historian software allows attackers to execute arbitrary SQL commands on the d...
Dec 22, 2020CVE-2020-24675 is an authentication bypass vulnerability in ABB's S+ Operations and S+ History software that allows unauthenticated attackers to injec...
Dec 22, 2020CVE-2020-24683 is an authentication bypass vulnerability in S+ Operations software where client-side authentication can be circumvented, allowing unau...
Dec 22, 2020Why Monitor Abb Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 40+ known vulnerabilities affecting Abb products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Abb packages in under 60 seconds. No agents required - completely agentless scanning that works across Abb deployments.
Free vulnerability database: Access detailed information about every Abb CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Abb CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
