Home

Description

The ASPECT system allows users to bypass authentication. This issue affects all versions of ASPECT

PUBLISHED Reserved 2025-07-15 | Published 2025-08-11 | Updated 2025-09-04 | Assigner ABB




HIGH: 8.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CRITICAL: 9.2CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-306 Missing Authentication for Critical Function

Product status

Default status
unaffected

All versions (custom)
affected

Credits

ABB acknowledges Gjoko Krstikj, Zero Science Lab, for reporting vulnerabilities in responsible disclosure. finder

References

search.abb.com/...geCode=en&DocumentPartId=pdf&Action=Launch

cve.org (CVE-2025-7679)

nvd.nist.gov (CVE-2025-7679)

Download JSON