ABB ASPECT-Enterprise, NEXUS, and MATRIX Series Products

Act NowCVSS 10ICS-CERT ICSA-25-007-01Jan 7, 2025

ABBManufacturing

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Multiple critical vulnerabilities in ABB ASPECT-Enterprise, NEXUS, and MATRIX series products could enable remote code execution and operational disruption. The vulnerabilities span multiple CWEs including improper access control, insecure data transmission, path traversal, XSS, SSRF, and unsafe deserialization. All affected products version 3.08.02 and earlier require patching; some issues are resolved in version 3.08.02, while others require version 3.08.03 or later. The vulnerabilities could allow unauthenticated remote attackers to compromise the systems.

What this means

What could happen

An unauthenticated attacker on the network could execute arbitrary code on ABB automation control systems, potentially altering process setpoints, stopping operations, or causing equipment damage. This affects manufacturing operations relying on ASPECT-Enterprise, NEXUS, or MATRIX for process monitoring and control.

Who's at risk

Manufacturing facilities using ABB ASPECT-Enterprise, NEXUS (2x and 3x series), and MATRIX series automation controllers for process control, monitoring, and data acquisition. This includes utilities and industrial operators relying on these systems for critical operations such as production line management, power distribution, or water treatment automation.

How it could be exploited

An attacker with network access to an affected ABB system could send specially crafted requests to exploit multiple weaknesses—including insufficient input validation, insecure deserialization, and unsafe file handling—to execute remote code without authentication. The attack requires only network reachability to the device.

Prerequisites

Network access to the affected ABB system (IP reachable from attacker's network segment)
No authentication credentials required
Device running affected firmware version 3.08.02 or earlier

Remotely exploitableNo authentication requiredLow complexity attackHigh EPSS score (41.6%)Affects control systems performing safety-critical and operational functionsMultiple CWE categories indicate broad vulnerability surface

Exploitability

Likely to be exploited — EPSS score 41.6%

Affected products (12)

12 with fix

ProductAffected VersionsFix Status

ASP-ENT-x <=3.08.01≤ 3.08.01>=3.08.02

NEX-2x <=3.08.01≤ 3.08.01>=3.08.02

MAT-x <=3.08.01≤ 3.08.01>=3.08.02

NEXUS-3-x <=3.08.01≤ 3.08.01>=3.08.02

ASP-ENT-x <=3.08.02≤ 3.08.02>=3.08.02

NEX-2x <=3.08.02≤ 3.08.02>=3.08.02

NEXUS-3-x <=3.08.02≤ 3.08.02>=3.08.02

MAT-x <=3.08.02≤ 3.08.02>=3.08.02

Remediation & Mitigation

0/4

Do now

0/3

WORKAROUNDIf immediate patching is not possible, restrict network access to affected ABB systems to only authorized IP addresses and engineering workstations using firewall rules

HARDENINGEnsure affected ABB systems are not reachable from the Internet; place them behind firewalls and isolate from business networks

HARDENINGIf remote access to ABB systems is required, require use of VPN with multi-factor authentication and restrict to specific administrative accounts

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate ASPECT-Enterprise, NEXUS-3, NEX-2, and MATRIX systems to firmware version 3.08.03 or later

CVEs (26)

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/5f1db007-ea09-47c7-889d-de27bc823c7f

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.