CVE-2024-51555 CRITICAL

CVE-2024-51555: Force Change of Default Credentials

Vendor Abb
Product ASPECT-Enterprise
Weakness CWE-1393
Published December 5, 2024
Last update August 28, 2025

CVSS base score

9.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

What the vulnerability does

01Description

Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials.  Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02

Key dates

02Disclosure timeline

December 5, 2024 CVE published
August 28, 2025 Record updated