CVE-2024-4007

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-4007

CWE

https://cwe.mitre.org/data/definitions/1392.html

Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured.

Weakness

The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

Affected Software

Name	Vendor	Start Version	End Version
Aspect-ent-12_firmware	Abb	*	3.07.02 (excluding)

Potential Mitigations

References

https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A6101\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A6101\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch

Use of Default Credentials

Weakness

Affected Software

Potential Mitigations

References