CVE-2024-4007
Hard coded default credential contained in install package
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured.
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:L/U:Red
Affected products
ABB · ASPECT Enterprise (ASP-ENT-x)ABB · MATRIX Series(MAT-x)ABB · NEXUS Series (NEX-2x, NEXUS-3-x)public PoCs found — 1
exploitdbwww.exploit-db.com/exploits/52112unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →