CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-30171: Admin Authorized System File Deletion

7.3 CVSS

Description

System File Deletion vulnerabilities in ASPECT provide attackers access to delete system files if session administrator credentials become compromised.
This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.

Classification

CVE ID: CVE-2025-30171

CVSS Base Severity: HIGH

CVSS Base Score: 7.3

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/S:N/AU:N/R:U/V:C

Problem Types

CWE-863 Incorrect Authorization

Affected Products

Vendor: ABB

Product: ASPECT-Enterprise, NEXUS Series, MATRIX Series

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.07% (probability of being exploited)

EPSS Percentile: 21.68% (scored less or equal to compared to others)

EPSS Date: 2025-06-14 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-30171
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&LanguageCode=en&DocumentPartId=pdf&Action=Launch

Timeline

2025-05-22 18:40:18 UTC
CVE

Admin Authorized System File Deletion