Arbitrary Code Execution Vulnerability in FLXEON by ABB
CVE-2024-48841

10CRITICAL

Key Information:

Vendor: Abb
Status: Flxeon
Vendor: CVE Published:; 27 January 2025

What is CVE-2024-48841?

A vulnerability has been identified in the FLXEON product line, where network access can potentially allow an attacker to execute arbitrary code with elevated privileges. This security issue primarily affects versions 9.3.4 and older, putting systems at risk if they are not updated promptly. Users are advised to apply available patches and updates to mitigate this security risk.

Affected Version(s)

FLXEON 0 <= 9.3.4

References

https://search.abb.com/library/Download.aspx?DocumentID=9...

CVSS V4

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jan 27, 2025
Vulnerability Reserved
Oct 8, 2024

Credit

ABB likes to thank Gjoko Krstikj, Zero Science Lab, for reporting the vulnerabilities in responsible disclosure.

Abb

What is CVE-2024-48841?

Affected Version(s)

References

CVSS V4

Timeline

Credit