First published: Fri Jul 05 2024(Updated: )
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to execute arbitrary code remotely
Credit: cybersecurity@ch.abb.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ABB ASPECT | <=3.08.01 | |
ABB ASPECT | ||
All of | ||
ABB ASPECT | <=3.08.01 | |
ABB ASPECT | ||
All of | ||
ABB ASPECT | <=3.08.01 | |
ABB ASPECT | ||
All of | ||
ABB ASPECT | <=3.08.01 | |
ABB ASPECT | ||
All of | ||
Abb Nexus-2128 Firmware | <=3.08.01 | |
Abb Nexus-2128 Firmware | ||
All of | ||
Abb Nexus-2128-a Firmware | <=3.08.01 | |
Abb Nexus-2128-a | ||
All of | ||
ABB Nexus-2128-F | <=3.08.01 | |
Abb Nexus-2128-f Firmware | ||
All of | ||
Abb Nexus-2128-g | <=3.08.01 | |
Abb Nexus-2128-g Firmware | ||
All of | ||
Abb Nexus-264 Firmware | <=3.08.01 | |
Abb Nexus-264 Firmware | ||
All of | ||
Abb Nexus-264 Firmware | <=3.08.01 | |
Abb Nexus-264-a Firmware | ||
All of | ||
Abb Nexus-264 Firmware | <=3.08.01 | |
Abb Nexus-264-f Firmware | ||
All of | ||
Abb Nexus-264 Firmware | <=3.08.01 | |
Abb Nexus-264-g Firmware | ||
All of | ||
Abb Nexus-3-2128 | <=3.08.01 | |
Abb Nexus-3-2128 Firmware | ||
All of | ||
Abb Nexus-3-264 | <=3.08.01 | |
Abb Nexus-3-264 Firmware | ||
All of | ||
Abb Matrix-11 | <=3.08.01 | |
Abb Matrix-11 Firmware | ||
All of | ||
Abb Matrix-216 | <=3.08.01 | |
Abb Matrix-216 Firmware | ||
All of | ||
Abb Matrix-232 | <=3.08.01 | |
Abb Matrix-232 | ||
All of | ||
Abb Matrix-264 Firmware | <=3.08.01 | |
Abb Matrix-264 Firmware | ||
All of | ||
ABB MATRIX-296 Firmware | <=3.08.01 | |
ABB MATRIX-296 Firmware |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-6298 is classified as a critical vulnerability due to the potential for unauthorized remote code execution.
To mitigate CVE-2024-6298, ensure that your ABB ASPECT or NEXUS Series software is upgraded to a version beyond 3.08.01.
CVE-2024-6298 affects ABB ASPECT - Enterprise v3.08.01 and various NEXUS and MATRIX Series firmware versions up to 3.08.01.
Exploitation of CVE-2024-6298 could allow an attacker to gain unauthorized access and execute arbitrary code on the affected systems.
Currently, the primary mitigation for CVE-2024-6298 is to upgrade to a patched version, as no specific workaround is available.