Prism Infosec has identified two high-risk vulnerabilities within the Aspect Control Engine building management system (BMS) developed by ABB. ABB’s Aspect BMS enables users to monitor a building’s performance and combines real-time integrated control, supervision, data logging, alarming, scheduling and network management functions with internet connectivity and web serving capabilities. Consequently, users can view system status, override setpoints and schedules, and more over desktop, laptop or mobile phone devices. CVE-2023-0635 and CVE-2023-0636 The two vulnerabilities … More

The post High-risk vulnerabilities patched in ABB Aspect building management system appeared first on Help Net Security.