ELSB/BLBA ASPECT advisory several CVEs

Act Now9.89akk108471a4462Aug 11, 2025

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

ABB ASPECT building management system contains multiple vulnerabilities in versions prior to 3.08.04-s01. The vulnerabilities were first reported in June 2023 and affect authentication mechanisms (CWE-288) and buffer handling (CWE-120). Some products in the ASPECT line have no planned fixes. ASPECT is an on-premise BMS with optional remote accessibility capabilities.

What this means

What could happen

An attacker with network access could bypass authentication or execute code on the building management system, allowing manipulation of building controls such as HVAC, lighting, access systems, or other mechanical/electrical infrastructure.

Who's at risk

Building managers and facility operators using ABB ASPECT building management systems should prioritize this. Any organization running ASPECT to control HVAC systems, access control, lighting, or other mechanical systems in buildings is affected. This includes commercial facilities, municipal buildings, hospitals, and data centers.

How it could be exploited

An attacker on the network (or remote if remote accessibility is enabled) sends a crafted request to the ASPECT system that bypasses authentication checks (CWE-288) or exploits a buffer overflow in input handling (CWE-120). This allows execution of arbitrary commands on the BMS, granting control over connected building systems.

Prerequisites

Network access to ASPECT system (local network or remote if cloud connectivity enabled)
No authentication credentials required

Remotely exploitable if remote accessibility enabledNo authentication requiredLow complexity attackHigh CVSS score (9.8)Authentication bypass vulnerabilityBuffer overflow vulnerabilityNo fix available for some products

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (4)

2 with fix2 EOL

ProductAffected VersionsFix Status

NEX-2x<3.08.04-s013.08.04-s01

MAT-x<3.08.04-s013.08.04-s01

ASP-ENT-x version<3.08.04-s01<3.08.04-s01No fix (EOL)

NEXUS-3-x version<3.08.04-s01<3.08.04-s01No fix (EOL)

Remediation & Mitigation

0/3

Do now

0/1

HARDENINGFor ASP-ENT-x and NEXUS-3-x with no available fix, disable remote accessibility (cloud connectivity) and implement network segmentation to restrict access to the ASPECT system from untrusted networks

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

NEX-2x

HOTFIXUpgrade NEX-2x and MAT-x to version 3.08.04-s01 or later

Long-term hardening

0/1

WORKAROUNDFor products without fixes, contact ABB sales to discuss migration options or extended support for end-of-life products

CVEs (3)

CVE-2025-53187 CVE-2025-7677 CVE-2025-7679

View full ABB PSIRT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/f1506cef-0214-497d-8ea5-72d034a2fe9d