ABB Cylon Aspect 3.08.02 (aspectMemory.php) Arbitrary Heap Memory Configuration

A vulnerability in the aspectMemory.php script of ABB Cylon Aspect BMS/BAS controllers allows authenticated attackers to set arbitrary values for the Java heap memory parameters (HEAPMIN and HEAPMAX). The resulting configuration is written to /usr/local/aam/etc/javamem. Because the input is not validated, this can lead to system performance degradation, Denial-of-Service (DoS) conditions, and crashes of critical Java applications.

Zero Science Lab
#vulnerability#dos#java#php#auth
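
A server-side check of the kind whose absence the advisory describes, shown as an added example that is not ABB's code and not part of the advisory. It assumes HEAPMIN and HEAPMAX arrive as request strings expressing megabytes; the function name and the 64 to 512 MB policy limits are hypothetical.

```php
<?php
declare(strict_types=1);

// Assumed policy limits in megabytes (hypothetical; size them to the controller's RAM).
const HEAP_FLOOR_MB = 64;
const HEAP_CEILING_MB = 512;

/**
 * Validate HEAPMIN / HEAPMAX before anything is written to the config file.
 * Returns the two values as integers, or throws InvalidArgumentException.
 */
function validateHeapSettings(string $heapMin, string $heapMax): array
{
    $parsed = [];
    foreach (['HEAPMIN' => $heapMin, 'HEAPMAX' => $heapMax] as $name => $raw) {
        // Digits only, anchored with \A and \z so a trailing newline cannot slip
        // through; rejects signs, unit suffixes, whitespace and metacharacters.
        if (preg_match('/\A[1-9][0-9]{0,4}\z/', $raw) !== 1) {
            throw new InvalidArgumentException("$name must be a whole number of megabytes");
        }
        $value = (int) $raw;
        if ($value < HEAP_FLOOR_MB || $value > HEAP_CEILING_MB) {
            throw new InvalidArgumentException("$name is outside the allowed range");
        }
        $parsed[$name] = $value;
    }
    // A minimum heap larger than the maximum prevents the JVM from starting.
    if ($parsed['HEAPMIN'] > $parsed['HEAPMAX']) {
        throw new InvalidArgumentException('HEAPMIN must not exceed HEAPMAX');
    }
    return $parsed;
}

// Constructed sample inputs: one valid pair, then four that must be rejected.
$samples = [['128', '256'], ['256', '128'], ['0', '99999999'], ["128\n", '256'], ['128m', '256m']];
foreach ($samples as [$min, $max]) {
    try {
        $ok = validateHeapSettings($min, $max);
        printf("accept HEAPMIN=%d HEAPMAX=%d\n", $ok['HEAPMIN'], $ok['HEAPMAX']);
    } catch (InvalidArgumentException $e) {
        printf("reject %s / %s: %s\n", json_encode($min), json_encode($max), $e->getMessage());
    }
}
```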

Zero Science Lab: Latest News

ABB Cylon Aspect 3.08.02 (editOverride.php) Authentication Bypass MIX Override