CVE-2024-51551

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: ABB ASPECT - Enterprise version 3.07.02 NEXUS Series version 3.07.02 MATRIX Series version 3.07.02

Description: The issue is related to default credential vulnerabilities in ASPECT on Linux, allowing access to the product using publicly available default credentials. It is also associated with incorrect input validation, which can be exploited by a remote attacker to gain unauthorized access to the device.

Recommendations: For ABB ASPECT - Enterprise version 3.07.02, update the default credentials to secure ones. For NEXUS Series version 3.07.02, change the default credentials to unique and secure ones. For MATRIX Series version 3.07.02, replace the default credentials with strong and unique ones.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1287CWE-798

Related Identifiers

BDU:2024-10926

CVE-2024-51551

Affected Products

Abb Aspect

Matrix Series

Nexus Series

CVE-2024-51551

Weakness Enumeration

Related Identifiers

Affected Products

References · 9