CVE-2024-51555

Published Dec 5, 2024

Last updated 3 months ago

CVSS critical 9.3

Overview

Description
Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials.  Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02
Source
cybersecurity@ch.abb.com
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
9.3
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
CRITICAL

CVSS 3.1

Type
Secondary
Base score
10
Impact score
6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

cybersecurity@ch.abb.com
CWE-1393
134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-521

Social media

Hype score
Not currently trending

  1. CVE-2024-51555 Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to c… https://t.co/EtUStl8vTV

    @CVEnew

    5 Dec 2024

    386 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References