Description
ABB is aware of privately reported vulnerabilities in the product versions referenced in this CVE. An attacker could exploit these vulnerabilities by sending a specially crafted firmware or configuration to the system node, causing the node to stop, become inaccessible, or allowing the attacker to take control of the node.
Reserved 2024-08-20 | Published 2024-10-25 | Updated 2024-10-30 | Assigner
ABBMEDIUM: 5.9CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H
MEDIUM: 4.6CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/S:P/AU:N/R:I/V:D/RE:H/U:Amber
Problem types
CWE-347 Improper Verification of Cryptographic Signature
Product status
Default status
unaffected
1.0.0
affected
2.0.0
affected
Default status
unaffected
1.0.0
affected
Default status
unaffected
1.0.0
affected
Default status
unaffected
PCL1
affected
Default status
unaffected
1.1.1
affected
1.2.0
affected
Default status
unaffected
1.0.0
affected
1.1.0
affected
1.2.0
affected
1.3.0
affected
Default status
unaffected
1.0.0
affected
Default status
unaffected
1.0
affected
1.0 FP1
affected
1.0 FP2
affected
1.0 FP3
affected
1.0 FP4
affected
Default status
unaffected
4.0.0
affected
Default status
unaffected
1.0.0
affected
Default status
unaffected
2.0.0
affected
3.0.0
affected
4.0.0
affected
4.1.9
affected
5.0.0
affected
5.1.0
affected
Default status
unaffected
2.0.0
affected
3.0.0
affected
3.1.0
affected
4.1.0
affected
5.1.0
affected
Default status
unaffected
2.0.0
affected
4.0.0
affected
4.1.0
affected
4.2.0
affected
5.1.0
affected
Default status
unaffected
1.0.0
affected
2.0.0
affected
Default status
unaffected
1.0.0
affected
2.0.0
affected
Default status
unaffected
1.0.0
affected
Default status
unaffected
1.0.0
affected
Default status
unaffected
2.0.0
affected
2.1.0
affected
Default status
unaffected
1.1.0
affected
1.2.0
affected
1.3.0
affected
Default status
unaffected
1.0.0
affected
Default status
unaffected
3.3
affected
3.4
affected
3.5
affected
4.0
affected
4.1
affected
5.0
affected
5.1
affected
Default status
unaffected
Exx
affected
Mxx
affected
Sxx
affected
xMx
affected
Exxx
affected
Mxxx
affected
Sxxx
affected
xMxx
affected
xxxC
affected
Default status
unaffected
4.1
affected
5.0
affected
Default status
unaffected
Exxx
affected
Mxxx
affected
Sxxx
affected
xMxx
affected
xxxC
affected
Default status
unaffected
R1.0
affected
R1.1
affected
R2.0
affected
R2.5
affected
R2.5 ATEX
affected
R2.5 SP3
affected
R2.6
affected
R3.0
affected
R3.0 SP1
affected
R3.0 SP3
affected
Default status
unaffected
2.6 V4F07x
affected
3.0FP1 V4F11x
affected
V4D02x
affected
V4E0xx
affected
Default status
unaffected
3.x.x
affected
Default status
unaffected
2.x.x
affected
Default status
unaffected
4.x.x
affected
Default status
unaffected
1.1
affected
Default status
unaffected
1.1
affected
Credits
ABB thanks Jos Wetzels from Midnight Blue (midnightblue.nl) for helping to identify the vulnerabilities and protecting our customers. finder
References
search.abb.com/...guageCode=en&DocumentPartId=&Action=Launch
cve.org (CVE-2024-8036)
nvd.nist.gov (CVE-2024-8036)
Download JSON
Subscribe to our newsletter to learn more about our work.
