Опубликовано: 11 авг. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 7.3
CVSS3: 7
Описание
Improper Control of Generation of Code ('Code Injection') vulnerability in ABB ASPECT.This issue affects ASPECT: before <3.08.04-s01.
Improper Control of Generation of Code ('Code Injection') vulnerability in ABB ASPECT.This issue affects ASPECT: before <3.08.04-s01.
Связанные уязвимости
CVSS3: 9.8
nvd
6 месяцев назад
Due to an issue in configuration, code that was intended for debugging purposes was included in the market release of the ASPECT FW allowing an attacker to bypass authentication. This vulnerability may allow an attacker to change the system time, access files, and make function calls without prior authentication. This issue affects all versions of ASPECT prior to 3.08.04-s01