PT-2024-9198 · Abb · Matrix Series+2
Published
2024-12-05
·
Updated
2024-12-05
·
CVE-2024-48845
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
ABB ASPECT - Enterprise version 3.07.02
NEXUS Series version 3.07.02
MATRIX Series version 3.07.02
Description:
The issue is related to weak password requirements in the software, which could allow a remote attacker to gain unauthorized administrative or application access. This is due to vulnerabilities in the password reset rules, potentially allowing the storage of weak passwords.
Recommendations:
For ABB ASPECT - Enterprise version 3.07.02, consider implementing stronger password policies to mitigate the risk of unauthorized access.
For NEXUS Series version 3.07.02, restrict access to administrative functions until a more secure password reset mechanism is in place.
For MATRIX Series version 3.07.02, avoid using weak passwords and consider temporarily disabling remote access to minimize the risk of exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Abb Aspect
Matrix Series
Nexus Series