ABB ASPECT-Enterprise NEXUS and MATRIX Series

CVSS 9.8 CRITICAL

CVEs (1)

CVE-2024-51547

Please immediately do the following actions on any released SW version of ASPECT: - Stop and disconnect any ASPECT products that are exposed directly to the Internet, either via a direct ISP connection or via NAT port forwarding. - Ensure that physical controls are in place, so no unauthorized personnel can access your devices, components, peripheral equipment, and networks. - Ensure log-files, downloaded from the equipment is protected against unauthorized access. - Ensure that all ASPECT products are upgraded to the latest firmware version. Please find the latest version of ASPECT firmware on the respective product homepage. - When remote access is required, only use secure methods. If a Virtual Private Network (VPN) is used, ensure that the chosen VPN is secure i.e. updated to the most current version available and configured for secure access.

ABB

ABB · ASP-ENT-x <=3.08.03

ABB · NEX-2x <=3.08.03

ABB · <=3.08.02 <=3.08.02

ABB · MAT-x <=3.08.03

Critical manufacturing

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.