Security
Headlines
HeadlinesLatestCVEs

Headline

ABB Cylon Aspect 3.08.01 (portQueueAjax.php) Information Disclosure

The portQueueAjax.php endpoint on ABB Cylon Aspect BMS/BAS controller is accessible without authentication, potentially exposing sensitive port statistics and network activity metrics. An attacker could leverage this information to map the network, identify critical systems, and plan further attacks.

Zero Science Lab
#php#auth

Zero Science Lab: Latest News

ABB Cylon Aspect 3.08.02 (editOverride.php) Authentication Bypass MIX Override