Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GSD-2024-4007
Vulnerability from gsd - Updated: 2024-04-20 05:02Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-4007"
],
"id": "GSD-2024-4007",
"modified": "2024-04-20T05:02:01.111660Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-4007",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
CVE-2024-4007 (GCVE-0-2024-4007)
Vulnerability from cvelistv5 – Published: 2024-07-01 12:06 – Updated: 2024-08-01 20:26
VLAI
EPSS
Title
Hard coded default credential contained in install package
Summary
Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1392 - Use of Default Credentials
Assigner
References
1 reference
Impacted products
22 products
| Vendor | Product | Version | |
|---|---|---|---|
| ABB | ASPECT Enterprise (ASP-ENT-x) |
Affected:
3.07
|
|
| ABB | NEXUS Series (NEX-2x, NEXUS-3-x) |
Affected:
3.07
|
|
| ABB | MATRIX Series(MAT-x) |
Affected:
3.07
|
|
| abb | aspect-ent-2_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:aspect-ent-2_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | aspect-ent-96_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:aspect-ent-96_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | nexus-2128-a_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:nexus-2128-a_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | nexus-2128-f_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:nexus-2128-f_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | nexus-2128_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:nexus-2128_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | nexus-2128-g_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:nexus-2128-g_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | nexus-264-a_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:nexus-264-a_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | nexus-264-f_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:nexus-264-f_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | nexus-264_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:nexus-264_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | nexus-264-g_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:nexus-264-g_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | nexus-3-2128_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:nexus-3-2128_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | nexus-3-264_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:nexus-3-264_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | matrix-11_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:matrix-11_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | matrix-216_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:matrix-216_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | matrix-232_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:matrix-232_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | matrix-264_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:matrix-264_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | aspect-ent-12_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:aspect-ent-12_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | aspect-ent-256_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:aspect-ent-256_firmware:3.0.0:*:*:*:*:*:*:* |
|
| abb | matrix-296_firmware |
Affected:
3.0.0 , < 3.07.02
(custom)
cpe:2.3:o:abb:matrix-296_firmware:3.0.0:*:*:*:*:*:*:* |
Date Public
2024-07-01 03:30
Credits
ABB likes to thank https://divd.nl for reporting the vulnerability in responsible disclosure.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:abb:aspect-ent-2_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "aspect-ent-2_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:aspect-ent-96_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "aspect-ent-96_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:nexus-2128-a_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nexus-2128-a_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:nexus-2128-f_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nexus-2128-f_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:nexus-2128_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nexus-2128_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:nexus-2128-g_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nexus-2128-g_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:nexus-264-a_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nexus-264-a_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:nexus-264-f_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nexus-264-f_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:nexus-264_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nexus-264_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:nexus-264-g_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nexus-264-g_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:nexus-3-2128_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nexus-3-2128_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:nexus-3-264_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nexus-3-264_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:matrix-11_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "matrix-11_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:matrix-216_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "matrix-216_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:matrix-232_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "matrix-232_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:matrix-264_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "matrix-264_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:aspect-ent-12_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "aspect-ent-12_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:aspect-ent-256_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "aspect-ent-256_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:abb:matrix-296_firmware:3.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "matrix-296_firmware",
"vendor": "abb",
"versions": [
{
"lessThan": "3.07.02",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4007",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-02T19:33:48.062617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T14:13:05.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:26:57.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A6101\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://new.abb.com/low-voltage/de/produkte/gebaeudeautomation/produktsortiment/cylon/produkte/aspect-enterprise",
"defaultStatus": "unaffected",
"packageName": "Installer",
"platforms": [
"Linux"
],
"product": "ASPECT Enterprise (ASP-ENT-x)",
"vendor": "ABB",
"versions": [
{
"status": "affected",
"version": "3.07"
}
]
},
{
"collectionURL": "https://new.abb.com/low-voltage/de/produkte/gebaeudeautomation/produktsortiment/cylon/produkte/nexus-series",
"defaultStatus": "unaffected",
"packageName": "Installer",
"platforms": [
"Linux"
],
"product": "NEXUS Series (NEX-2x, NEXUS-3-x)",
"vendor": "ABB",
"versions": [
{
"status": "affected",
"version": "3.07"
}
]
},
{
"collectionURL": "https://new.abb.com/low-voltage/de/produkte/gebaeudeautomation/produktsortiment/cylon/produkte/matrix",
"defaultStatus": "unaffected",
"packageName": "Installer",
"platforms": [
"Linux"
],
"product": "MATRIX Series(MAT-x)",
"vendor": "ABB",
"versions": [
{
"status": "affected",
"version": "3.07"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ABB likes to thank https://divd.nl for reporting the vulnerability in responsible disclosure."
}
],
"datePublic": "2024-07-01T03:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured.\u003cbr\u003e"
}
],
"value": "Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured."
}
],
"impacts": [
{
"capecId": "CAPEC-49",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-49 Password Brute Forcing"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NEGLIGIBLE",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:L/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1392",
"description": "CWE-1392: Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T00:10:15.764Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A6101\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nABB Strongly recommends the following actions on any released SW version of ASPECT:\n- Change the PHPmyAdmin Password according to the system manual:\u0026nbsp; All customers who operate the ASPECT System with its default password are recommended to replace this default password with a unique, secure password, containing a\nmix of characters, numbers, and special characters with at least 10 characters in length.\n- Never expose open ports to the ASPECT product towards the Internet or any insecure network.\n- When remote access is required, use secure methods, such as Virtual Private Networks (VPNs).\nRecognize that VPNs may have vulnerabilities and should be updated to the most current version\navailable. Also, understand that VPNs are only as secure as the connected devices.\n- ABB recommends that customers shall apply the latest product update at the earliest convenience.\n\n\n\u003cbr\u003e"
}
],
"value": "ABB Strongly recommends the following actions on any released SW version of ASPECT:\n- Change the PHPmyAdmin Password according to the system manual:\u00a0 All customers who operate the ASPECT System with its default password are recommended to replace this default password with a unique, secure password, containing a\nmix of characters, numbers, and special characters with at least 10 characters in length.\n- Never expose open ports to the ASPECT product towards the Internet or any insecure network.\n- When remote access is required, use secure methods, such as Virtual Private Networks (VPNs).\nRecognize that VPNs may have vulnerabilities and should be updated to the most current version\navailable. Also, understand that VPNs are only as secure as the connected devices.\n- ABB recommends that customers shall apply the latest product update at the earliest convenience."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Hard coded default credential contained in install package",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nASPECT system shall not be connected directly to untrusted networks such as the Internet.\nIf remote access to an ASPECT system is a customer requirement, the system shall operate behind a firewall. User accessing ASPECT remotely shall do this using a VPN Gateway allowing access to the particular\nnetwork segment where ASPECT is installed and configured in.\nNote: it is crucial that the VPN Gateway and Network is setup in accordance with best industry standards and maintained in terms of security patches for all related components.\nAny default credentials shall be exchanged with a unique credential supporting adequate strength. \n\n\u003cbr\u003e"
}
],
"value": "ASPECT system shall not be connected directly to untrusted networks such as the Internet.\nIf remote access to an ASPECT system is a customer requirement, the system shall operate behind a firewall. User accessing ASPECT remotely shall do this using a VPN Gateway allowing access to the particular\nnetwork segment where ASPECT is installed and configured in.\nNote: it is crucial that the VPN Gateway and Network is setup in accordance with best industry standards and maintained in terms of security patches for all related components.\nAny default credentials shall be exchanged with a unique credential supporting adequate strength."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2024-4007",
"datePublished": "2024-07-01T12:06:53.048Z",
"dateReserved": "2024-04-19T17:08:37.839Z",
"dateUpdated": "2024-08-01T20:26:57.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…