File Access Vulnerability in ABB AC500 V3 Products
CVE-2024-12429

5.1MEDIUM

Key Information:

Vendor: Abb
Status: Ac500 V3
Vendor: CVE Published:; 7 January 2025

What is CVE-2024-12429?

A vulnerability has been identified in ABB's AC500 V3 products, specifically affecting those with firmware versions earlier than 3.8.0. An authenticated attacker can exploit this flaw to gain unauthorized read access to system-wide files and configurations, potentially leading to further compromise of sensitive data. It is crucial for users to update their firmware to the latest version to mitigate this risk.

Affected Version(s)

AC500 V3 0 < 3.8.0

References

https://search.abb.com/library/Download.aspx?DocumentID=3...

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 7, 2025

JSON

Abb

What is CVE-2024-12429?

Affected Version(s)

References

CVSS V4

Timeline