CVE-2024-51555

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: ABB ASPECT - Enterprise version 3.07.02 NEXUS Series version 3.07.02 MATRIX Series version 3.07.02

Description: The issue is related to the use of default passwords in the system, which does not require the installer to change them. This allows access to the device using publicly available default credentials. An attacker can exploit this to gain elevated privileges remotely.

Recommendations: For ABB ASPECT - Enterprise version 3.07.02, change the default credentials to secure ones as soon as possible. For NEXUS Series version 3.07.02, update the default passwords with unique and strong credentials. For MATRIX Series version 3.07.02, ensure that all default credentials are changed to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1393CWE-521

Related Identifiers

BDU:2024-10883

CVE-2024-51555

Affected Products

Abb Aspect

Matrix Series

Nexus Series

CVE-2024-51555

Weakness Enumeration

Related Identifiers

Affected Products

References · 7