High-risk vulnerabilities patched in ABB Aspect building management system

Prism Infosec has identified two high-risk vulnerabilities within the Aspect Control Engine building management system (BMS) developed by ABB. ABB’s Aspect BMS enables users to monitor a building’s performance and combines real-time integrated control, supervision, data logging, alarming, scheduling and network management functions with internet connectivity and web serving capabilities. Consequently, users can view system status, override setpoints and schedules, and more over desktop, laptop or mobile phone devices. CVE-2023-0635 and CVE-2023-0636 The two vulnerabilities … More →

The post …

abb aspect bms building management capabilities connectivity control cve data engine functions high infosec internet internet connectivity logging management monitor network network management performance prism prism infosec risk smart building system vulnerabilities vulnerability web