CyberAlerts

CVE-2024-51543

Description: Information Disclosure vulnerabilities allow access to application configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE

December 6th, 2024 (5 months ago)

CVE-2024-51542

Configuration Download

Description: Configuration Download vulnerabilities allow access to dependency configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

CVSS: HIGH (8.2)

EPSS Score: 0.04%

Source: CVE

December 6th, 2024 (5 months ago)

CVE-2024-51541

Local File Inclusion

Description: Local File Inclusion vulnerabilities allow access to sensitive system information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE

December 6th, 2024 (5 months ago)

CVE-2024-48847

MD5 bypass operation

Description: MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes.  Affected products: ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE

December 6th, 2024 (5 months ago)

CVE-2024-48846

Cross Side Request Forgery, CSRF

Description: Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE

December 6th, 2024 (5 months ago)

CVE-2024-48844

Denial of Service, DoS

Description: Denial of Service vulnerabilities where found providing a potiential for device service disruptions.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

CVSS: HIGH (7.7)

EPSS Score: 0.04%

Source: CVE

December 6th, 2024 (5 months ago)

CVE-2024-48843

Denial of Service, DoS

Description: Denial of Service vulnerabilities where found providing a potiential for device service disruptions.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

CVSS: HIGH (7.7)

EPSS Score: 0.04%

Source: CVE

December 6th, 2024 (5 months ago)

CVE-2024-47133

UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier allow a remote authenticated attacker with an administrative...

Description: UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier allow a remote authenticated attacker with an administrative account to execute arbitrary OS commands.

CVSS: HIGH (7.2)

EPSS Score: 0.04%

Source: CVE

December 6th, 2024 (5 months ago)

CVE-2024-42455

A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization...

Description: A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service account privileges. The vulnerability is caused by an insufficient blacklist during the deserialization process.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE

December 6th, 2024 (5 months ago)

CVE-2024-42449

From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary...

Description: From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary files on the VSPC server machine.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE

December 6th, 2024 (5 months ago)

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-51543	Information Disclosure Description: Information Disclosure vulnerabilities allow access to application configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE December 6th, 2024 (5 months ago)
CVE-2024-51542	Configuration Download Description: Configuration Download vulnerabilities allow access to dependency configuration information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 CVSS: HIGH (8.2) EPSS Score: 0.04% Source: CVE December 6th, 2024 (5 months ago)
CVE-2024-51541	Local File Inclusion Description: Local File Inclusion vulnerabilities allow access to sensitive system information.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE December 6th, 2024 (5 months ago)
CVE-2024-48847	MD5 bypass operation Description: MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes.  Affected products: ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01; MATRIX Series v3.08.01 CVSS: HIGH (8.8) EPSS Score: 0.04% Source: CVE December 6th, 2024 (5 months ago)
CVE-2024-48846	Cross Side Request Forgery, CSRF Description: Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE December 6th, 2024 (5 months ago)
CVE-2024-48844	Denial of Service, DoS Description: Denial of Service vulnerabilities where found providing a potiential for device service disruptions.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 CVSS: HIGH (7.7) EPSS Score: 0.04% Source: CVE December 6th, 2024 (5 months ago)
CVE-2024-48843	Denial of Service, DoS Description: Denial of Service vulnerabilities where found providing a potiential for device service disruptions.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02 CVSS: HIGH (7.7) EPSS Score: 0.04% Source: CVE December 6th, 2024 (5 months ago)
CVE-2024-47133	UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier allow a remote authenticated attacker with an administrative... Description: UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier allow a remote authenticated attacker with an administrative account to execute arbitrary OS commands. CVSS: HIGH (7.2) EPSS Score: 0.04% Source: CVE December 6th, 2024 (5 months ago)
CVE-2024-42455	A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization... Description: A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting services and exploit insecure deserialization by sending a serialized temporary file collection. This exploit allows the attacker to delete any file on the system with service account privileges. The vulnerability is caused by an insufficient blacklist during the deserialization process. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE December 6th, 2024 (5 months ago)
CVE-2024-42449	From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary... Description: From the VSPC management agent machine, under condition that the management agent is authorized on the server, it is possible to remove arbitrary files on the VSPC server machine. CVSS: HIGH (7.1) EPSS Score: 0.04% Source: CVE December 6th, 2024 (5 months ago)