CVE-2024-4007: Hard coded default credential contained in install package
First published: Mon Jul 01 2024(Updated: )
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured.
Credit: cybersecurity@ch.abb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ABB ASPECT - Enterprise | ||
| ABB NEXUS Series | ||
| ABB MATRIX Series |
Remedy
ABB Strongly recommends the following actions on any released SW version of ASPECT: - Change the PHPmyAdmin Password according to the system manual: All customers who operate the ASPECT System with its default password are recommended to replace this default password with a unique, secure password, containing a mix of characters, numbers, and special characters with at least 10 characters in length. - Never expose open ports to the ASPECT product towards the Internet or any insecure network. - When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices. - ABB recommends that customers shall apply the latest product update at the earliest convenience.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-4007?
CVE-2024-4007 is classified as a critical vulnerability due to the presence of default credentials that allow unauthorized access.
How do I fix CVE-2024-4007?
To mitigate CVE-2024-4007, change the default credentials on all ABB ASPECT, NEXUS Series, and MATRIX Series products to strong, unique passwords.
What products are affected by CVE-2024-4007?
CVE-2024-4007 affects ABB ASPECT, ABB NEXUS Series, and ABB MATRIX Series versions 3.07.
Can CVE-2024-4007 be exploited remotely?
Yes, CVE-2024-4007 can be exploited remotely if the default credentials are not updated.
What is the impact of CVE-2024-4007 on my organization?
The impact of CVE-2024-4007 includes potential unauthorized access and control over affected ABB products, which can compromise security and operations.
- agent/references
- agent/title
- agent/weakness
- agent/first-publish-date
- agent/type
- agent/description
- collector/nvd-api
- source/NVD
- agent/severity
- agent/author
- agent/remedy
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/abb
- canonical/abb aspect - enterprise
- canonical/abb nexus series
- canonical/abb matrix series