VDB
CVE-2025-30170
CVE-2025-30170
PUBLISHED
CVSS 5.5 MEDIUM
Exposure of file path, file size or file existence vulnerabilities in ASPECT provide attackers access to file system information if session administrator credentials become compromised. This issue affects ASPECT <= 3.08.03
EPSS 0.28% · 51.8th percentile
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N/E:F/RL:O/RC:C
EPSS Score
0.28%
51.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | NEXUS Series NEXUS-3-x version <=3.08.03 | |
| ABB | NEXUS Series NEX-2x version <=3.08.03 | |
| ABB | MATRIX Series MAT-x version <=3.08.03 | |
| ABB | ASPECT®-Enterprise ASP-ENT-x version <=3.08.03 |
Timeline
- May 22, 2025 Coalition ESS Score
- May 22, 2025 CVE Published
- May 23, 2025 EPSS Score
- May 23, 2025 Coalition ESS Score
- May 23, 2025 CVE Updated
- Jun 3, 2025 EPSS Score
- Jun 14, 2025 EPSS Score
- Jun 25, 2025 EPSS Score
- Jul 6, 2025 EPSS Score
- Jul 18, 2025 EPSS Score
- Jul 29, 2025 EPSS Score
- Aug 9, 2025 EPSS Score
References
- https://psirt.abb.com/csaf/2025/9akk108471a0021.json advisory
- https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=HT0038&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-30170 advisory