CNNVD-202510-2596 Information

CNNVD ID

CNNVD-202510-2596

Related CVE

CVE-2025-3465

• CNNVD Published: 2025-10-20

Description (Chinese)

ABB CoreSense HM和ABB CoreSense M10都是瑞士ABB公司的一款检测变压器油的传感器。 ABB CoreSense HM 2.3.1及之前版本和ABB CoreSense M10 1.4.1.12及之前版本存在路径遍历漏洞，该漏洞源于路径名限制不当，可能导致路径遍历攻击。

Description (English)

ABB CoreSense HM and ABB CoreSense M10 are both sensors for the detection of transformer oils by ABB Switzerland. ABB CoreSense HM 2.3.1 and earlier versions and ABB CoreSense M10 1.4.1.12 and earlier versions have a loophole, which stems from inappropriate path name limitations that may lead to a path attack.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

阿西亚布朗勃法瑞有限公司

Published

2025-10-20

Last Modified

2026-02-24

References

https://search.abb.com/library/Download.aspx?DocumentID=3KXG200000R4801&LanguageCode=en&DocumentPartId=&Action=Launch https://access.redhat.com/security/cve/cve-2025-3465

Patch

https://search.abb.com/library/Download.aspx?DocumentID=3KXG200000R4801&LanguageCode=en&DocumentPartId=&Action=Launch