PT-2024-9186 · Abb · Matrix Series+2
Published
2024-12-05
·
Updated
2024-12-05
·
CVE-2024-48843
CVSS v3.1
7.7
High
| Vector | AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H |
Name of the Vulnerable Software and Affected Versions:
ABB ASPECT - Enterprise version 3.08.02
NEXUS Series version 3.08.02
MATRIX Series version 3.08.02
Description:
The issue is related to Denial of Service vulnerabilities, which could potentially cause device service disruptions. It is associated with unlimited resource distribution in the software of embedded network controllers for building management. Exploitation of the vulnerability may allow a remote attacker to cause a denial of service.
Recommendations:
For ABB ASPECT - Enterprise version 3.08.02, update to a version that addresses the Denial of Service vulnerability.
For NEXUS Series version 3.08.02, update to a version that addresses the Denial of Service vulnerability.
For MATRIX Series version 3.08.02, update to a version that addresses the Denial of Service vulnerability.
As a temporary workaround, consider restricting access to the affected devices to minimize the risk of exploitation.
Fix
SQL injection
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Abb Aspect
Matrix Series
Nexus Series