CVE-2024-51541

Name of the Vulnerable Software and Affected Versions: ABB ASPECT - Enterprise version 3.08.02 NEXUS Series version 3.08.02 MATRIX Series version 3.08.02

Description: The issue is related to Local File Inclusion vulnerabilities, which allow access to sensitive system information. This is due to incorrect management of file names for PHP functions include or require. Exploitation of the issue may allow a remote attacker to gain access to confidential information.

Recommendations: For ABB ASPECT - Enterprise version 3.08.02, consider disabling the include and require PHP functions until a patch is available. For NEXUS Series version 3.08.02, restrict access to sensitive system information to minimize the risk of exploitation. For MATRIX Series version 3.08.02, avoid using the include and require PHP functions in sensitive areas of the system until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.