Sign-up

ID

VAR-202505-4073


CVE

CVE-2024-13930


TITLE

ABB products have unidentified vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2025-13769

DESCRIPTION

An Unchecked Loop Condition in ASPECT provides an attacker the ability to maliciously consume system resources if session administrator credentials become compromised This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. ABB ASPECT-Enterprise is a scalable building energy management and control solution. ABB NEXUS Series is a monitoring and management system. ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. There are security vulnerabilities in multiple ABB products. The vulnerability is caused by unchecked loop conditions. Attackers can exploit this vulnerability to cause system resource consumption

Trust: 1.44

sources: NVD: CVE-2024-13930 // CNVD: CNVD-2025-13769

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-13769

AFFECTED PRODUCTS

vendor:abbmodel:aspect-enterprisescope:lteversion:<=3.08.03

Trust: 0.6

vendor:abbmodel:nexus seriesscope:lteversion:<=3.08.03

Trust: 0.6

vendor:abbmodel:matrix seriesscope:lteversion:<=3.08.03

Trust: 0.6

sources: CNVD: CNVD-2025-13769

CVSS

SEVERITY

CVSSV2

CVSSV3

cybersecurity@ch.abb.com: CVE-2024-13930
value: MEDIUM

Trust: 1.0

CNVD: CNVD-2025-13769
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2025-13769
severity: MEDIUM
baseScore: 6.1
vectorString: AV:N/AC:L/AU:M/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: MULTIPLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.4
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cybersecurity@ch.abb.com: CVE-2024-13930
baseSeverity: MEDIUM
baseScore: 4.9
vectorString: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2025-13769 // NVD: CVE-2024-13930

PROBLEMTYPE DATA

problemtype:CWE-606

Trust: 1.0

sources: NVD: CVE-2024-13930

PATCH

title:Patch for ABB products have unidentified vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/702281

Trust: 0.6

sources: CNVD: CNVD-2025-13769

EXTERNAL IDS

db:NVDid:CVE-2024-13930

Trust: 1.6

db:CNVDid:CNVD-2025-13769

Trust: 0.6

sources: CNVD: CNVD-2025-13769 // NVD: CVE-2024-13930

REFERENCES

url:https://search.abb.com/library/download.aspx?documentid=9akk108471a0021&languagecode=en&documentpartid=pdf&action=launch

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2024-13930

Trust: 0.6

sources: CNVD: CNVD-2025-13769 // NVD: CVE-2024-13930

SOURCES

db:CNVDid:CNVD-2025-13769
db:NVDid:CVE-2024-13930

LAST UPDATE DATE

2025-06-27T23:18:58.580000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-13769date:2025-06-26T00:00:00
db:NVDid:CVE-2024-13930date:2025-05-23T15:55:02.040

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-13769date:2025-06-26T00:00:00
db:NVDid:CVE-2024-13930date:2025-05-22T18:15:39.880