AC500 V2
by Abb
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-24685 | Hig | 0.56 | 8.6 | 0.02 | Feb 9, 2021 | An unauthenticated specially crafted packet sent by an attacker over the network will cause a denial-of-service (DoS) vulnerability. Vulnerability allows attacker to stop the PLC. After stopping (ERR LED flashing red), physical access to the PLC is required in order to restart… | ||
| CVE-2020-24686 | Hig | 0.49 | 7.5 | 0.01 | Feb 26, 2021 | The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond, leading to genuine users losing remote visibility of the PLC state. If a user attempts to login to the PLC while this vulnerability is exploited, the PLC will show… | ||
| CVE-2025-7745 | Med | 0.38 | 5.8 | 0.00 | Jul 24, 2025 | Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2. | ||
| CVE-2022-3192 | Med | 0.34 | 5.3 | 0.01 | Mar 31, 2023 | Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation.This issue affects AC500 V2: from 2.0.0 before 2.8.6. |
- risk 0.56cvss 8.6epss 0.02
An unauthenticated specially crafted packet sent by an attacker over the network will cause a denial-of-service (DoS) vulnerability. Vulnerability allows attacker to stop the PLC. After stopping (ERR LED flashing red), physical access to the PLC is required in order to restart…
- risk 0.49cvss 7.5epss 0.01
The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond, leading to genuine users losing remote visibility of the PLC state. If a user attempts to login to the PLC while this vulnerability is exploited, the PLC will show…
- risk 0.38cvss 5.8epss 0.00
Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2.
- risk 0.34cvss 5.3epss 0.01
Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation.This issue affects AC500 V2: from 2.0.0 before 2.8.6.