We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-8036

Unauthorized Modifications of Firmware and Configuration



AssignerABB
Reserved2024-08-20
Published2024-10-25
Updated2024-10-30

Description

ABB is aware of privately reported vulnerabilities in the product versions referenced in this CVE. An attacker could exploit these vulnerabilities by sending a specially crafted firmware or configuration to the system node, causing the node to stop, become inaccessible, or allowing the attacker to take control of the node.



MEDIUM: 5.9CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H
MEDIUM: 4.6CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/S:P/AU:N/R:I/V:D/RE:H/U:Amber

Product status

Default status
unaffected

1.0.0
affected

2.0.0
affected

Default status
unaffected

1.0.0
affected

Default status
unaffected

1.0.0
affected

Default status
unaffected

PCL1
affected

Default status
unaffected

1.1.1
affected

1.2.0
affected

Default status
unaffected

1.0.0
affected

1.1.0
affected

1.2.0
affected

1.3.0
affected

Default status
unaffected

1.0.0
affected

Default status
unaffected

1.0
affected

1.0 FP1
affected

1.0 FP2
affected

1.0 FP3
affected

1.0 FP4
affected

Default status
unaffected

4.0.0
affected

Default status
unaffected

1.0.0
affected

Default status
unaffected

2.0.0
affected

3.0.0
affected

4.0.0
affected

4.1.9
affected

5.0.0
affected

5.1.0
affected

Default status
unaffected

2.0.0
affected

3.0.0
affected

3.1.0
affected

4.1.0
affected

5.1.0
affected

Default status
unaffected

2.0.0
affected

4.0.0
affected

4.1.0
affected

4.2.0
affected

5.1.0
affected

Default status
unaffected

1.0.0
affected

2.0.0
affected

Default status
unaffected

1.0.0
affected

2.0.0
affected

Default status
unaffected

1.0.0
affected

Default status
unaffected

1.0.0
affected

Default status
unaffected

2.0.0
affected

2.1.0
affected

Default status
unaffected

1.1.0
affected

1.2.0
affected

1.3.0
affected

Default status
unaffected

1.0.0
affected

Default status
unaffected

3.3
affected

3.4
affected

3.5
affected

4.0
affected

4.1
affected

5.0
affected

5.1
affected

Default status
unaffected

Exx
affected

Mxx
affected

Sxx
affected

xMx
affected

Exxx
affected

Mxxx
affected

Sxxx
affected

xMxx
affected

xxxC
affected

Default status
unaffected

4.1
affected

5.0
affected

Default status
unaffected

Exxx
affected

Mxxx
affected

Sxxx
affected

xMxx
affected

xxxC
affected

Default status
unaffected

R1.0
affected

R1.1
affected

R2.0
affected

R2.5
affected

R2.5 ATEX
affected

R2.5 SP3
affected

R2.6
affected

R3.0
affected

R3.0 SP1
affected

R3.0 SP3
affected

Default status
unaffected

2.6 V4F07x
affected

3.0FP1 V4F11x
affected

V4D02x
affected

V4E0xx
affected

Default status
unaffected

3.x.x
affected

Default status
unaffected

2.x.x
affected

Default status
unaffected

4.x.x
affected

Default status
unaffected

1.1
affected

Default status
unaffected

1.1
affected

Credits

ABB thanks Jos Wetzels from Midnight Blue (midnightblue.nl) for helping to identify the vulnerabilities and protecting our customers. finder

References

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001911&LanguageCode=en&DocumentPartId=&Action=Launch

cve.org CVE-2024-8036

nvd.nist.gov CVE-2024-8036

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.