VARIoT IoT vulnerabilities database
| VAR-202505-3533 | CVE-2024-13948 | ABB multiple product information leakage vulnerability (CNVD-2025-13423) |
CVSS V2: 5.2 CVSS V3: 7.3 Severity: Medium |
Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of configuration informationThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB NEXUS Series is a monitoring and management system. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications.
ABB products have information disclosure vulnerabilities caused by incorrect default permissions. Attackers can exploit this vulnerability to obtain sensitive configuration information
| VAR-202505-4266 | CVE-2024-13947 | ABB multiple product information leakage vulnerability (CNVD-2025-13425) |
CVSS V2: 7.3 CVSS V3: 6.0 Severity: High |
Device commissioning parameters in ASPECT may be modified by an external source if administrative credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB NEXUS Series is a monitoring and management system. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications.
ABB products have information disclosure vulnerabilities caused by incorrect default permissions. Attackers can exploit this vulnerability to obtain sensitive configuration information
| VAR-202505-4072 | CVE-2024-13946 | ABB's multiple product code vulnerabilities |
CVSS V2: 6.4 CVSS V3: 6.8 Severity: High |
DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB NEXUS Series is a monitoring and management system. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications.
ABB has a code issue vulnerability in many products, which is caused by an uncontrolled search path element defect. An attacker can exploit this vulnerability to execute arbitrary code on the system
| VAR-202505-4019 | CVE-2025-30172 | ABB multiple products code injection vulnerability (CNVD-2025-13765) |
CVSS V2: 6.8 CVSS V3: 8.0 Severity: High |
Remote Code Execution vulnerabilities are present in ASPECT if session administrator credentials become compromised
This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB NEXUS Series is a monitoring and management system. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications.
ABB has a code injection vulnerability in many products that can be exploited by attackers to execute code
| VAR-202505-3492 | CVE-2025-30170 | ABB multiple product information leakage vulnerability (CNVD-2025-13766) |
CVSS V2: 6.8 CVSS V3: 5.5 Severity: Medium |
Exposure of file path, file size or file existence vulnerabilities in ASPECT provide attackers access to file system information if session administrator credentials become compromised.
This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications
| VAR-202505-3302 | CVE-2025-30169 | ABB multiple product code issues vulnerability (CNVD-2025-13598) |
CVSS V2: 8.0 CVSS V3: 6.7 Severity: Medium |
File upload and execute vulnerabilities in ASPECT allow PHP script injection if session administrator credentials become compromised.
This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications.
ABB has a code issue vulnerability in many products that can be exploited by attackers to cause PHP script injection
| VAR-202505-2576 | CVE-2024-9639 | ABB multiple products code injection vulnerability (CNVD-2025-13767) |
CVSS V2: 6.8 CVSS V3: 8.0 Severity: High |
Remote Code Execution vulnerabilities are present in ASPECT if session administra-tor credentials become compromised.
This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications
| VAR-202505-4267 | CVE-2024-13931 | Path traversal vulnerabilities in multiple ABB products |
CVSS V2: 8.3 CVSS V3: 7.2 Severity: High |
Relative Path Traversal vulnerabilities in ASPECT allow access to file resources if session administrator credentials become compromised.
This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications
| VAR-202505-4073 | CVE-2024-13930 | ABB products have unidentified vulnerabilities |
CVSS V2: 6.1 CVSS V3: 4.9 Severity: Medium |
An Unchecked Loop Condition in ASPECT provides an attacker the ability to maliciously consume system resources if session administrator credentials become compromised
This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB NEXUS Series is a monitoring and management system. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications.
There are security vulnerabilities in multiple ABB products. The vulnerability is caused by unchecked loop conditions. Attackers can exploit this vulnerability to cause system resource consumption
| VAR-202505-2599 | CVE-2024-13929 | ABB products Servlet injection vulnerability |
CVSS V2: 8.3 CVSS V3: 7.2 Severity: High |
Servlet injection vulnerabilities in ASPECT allow remote code execution if session administrator credentials become compromised.
This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications
| VAR-202505-3719 | CVE-2024-13928 | ABB products have SQL injection vulnerabilities (CNVD-2025-13770) |
CVSS V2: 8.3 CVSS V3: 7.2 Severity: High |
SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of database repositories if session administrator credentials become compromised.
This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications
| VAR-202505-4134 | CVE-2025-47780 | Sangoma of Asterisk and certified asterisk In OS Command injection vulnerability |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, trying to disallow shell commands to be run via the Asterisk command line interface (CLI) by configuring `cli_permissions.conf` (e.g. with the config line `deny=!*`) does not work which could lead to a security risk. If an administrator running an Asterisk instance relies on the `cli_permissions.conf` file to work and expects it to deny all attempts to execute shell commands, then this could lead to a security vulnerability. Versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk fix the issue. Sangoma of Asterisk and certified asterisk for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
| VAR-202505-3022 | CVE-2025-47779 | Sangoma of Asterisk and certified asterisk Vulnerability related to improper sanitization of delimiters in |
CVSS V2: - CVSS V3: 7.7 Severity: HIGH |
Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, SIP requests of the type MESSAGE (RFC 3428) authentication do not get proper alignment. An authenticated attacker can spoof any user identity to send spam messages to the user with their authorization token. Abuse of this security issue allows authenticated attackers to send fake chat messages can be spoofed to appear to come from trusted entities. Even administrators who follow Security best practices and Security Considerations can be impacted. Therefore, abuse can lead to spam and enable social engineering, phishing and similar attacks. Versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk fix the issue. Sangoma of Asterisk and certified asterisk vulnerabilities related to improper sanitization of delimiters, special element 1 There is a filtering vulnerability in at least one instance.Information may be tampered with
| VAR-202505-3882 | CVE-2024-48853 | ABB products have privilege escalation vulnerabilities |
CVSS V2: 7.6 CVSS V3: 9.0 Severity: Critical |
An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as a "non" root ASPECT user. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ABB ASPECT and others are products of ABB of Switzerland. ABB ASPECT is a scalable building energy management and control solution. ABB MATRIX is an embedded building automation network controller. ABB NEXUS is a wireless and wired solution.
Many ABB products have a denial of service vulnerability, which is caused by disk overuse. Attackers can exploit this vulnerability to cause system resource exhaustion
| VAR-202505-4062 | CVE-2024-48850 | ABB Multiple Product Catalog Traversal Vulnerabilities |
CVSS V2: 8.3 CVSS V3: 7.2 Severity: High |
Absolute File Traversal vulnerabilities in ASPECT allows access and modification of unintended resources.
This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications
| VAR-202505-2005 | CVE-2025-5080 | Shenzhen Tenda Technology Co.,Ltd. of fh451 Out-of-bounds write vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: High |
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of fh451 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker can exploit this vulnerability to execute code
| VAR-202505-3817 | CVE-2025-3945 | Tridium of Niagara and Niagara Enterprise Security Vulnerability in inserting or changing arguments in |
CVSS V2: - CVSS V3: 7.2 Severity: HIGH |
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows Command Delimiters. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11. (DoS) It may be in a state
| VAR-202505-3461 | CVE-2025-3944 | Tridium of Niagara and Niagara Enterprise Security Vulnerability in improper permission assignment for critical resources in |
CVSS V2: - CVSS V3: 7.2 Severity: HIGH |
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows File Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11. (DoS) It may be in a state
| VAR-202505-3074 | CVE-2025-3943 | Tridium of Niagara and Niagara Enterprise Security Vulnerability in |
CVSS V2: - CVSS V3: 4.1 Severity: MEDIUM |
Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Parameter Injection. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11
| VAR-202505-2874 | CVE-2025-3942 | Tridium of Niagara and Niagara Enterprise Security Encoding and escaping vulnerabilities in |
CVSS V2: - CVSS V3: 4.3 Severity: MEDIUM |
Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before 4.14.2, before 4.15.1, before 4.10.11. Tridium recommends upgrading to Niagara Framework and Enterprise Security versions 4.14.2u2, 4.15.u1, or 4.10u.11