CVE-2024-48844

Name of the Vulnerable Software and Affected Versions: ABB ASPECT - Enterprise version 3.08.02 NEXUS Series version 3.08.02 MATRIX Series version 3.08.02

Description: The issue is related to Denial of Service vulnerabilities, which could potentially disrupt device services. It is associated with unlimited resource distribution in the firmware of embedded network controllers for building management, specifically in ASPECT Enterprise, NEXUS Series, and MATRIX Series products. Exploitation of this issue could allow a remote attacker to cause a denial of service.

Recommendations: For ABB ASPECT - Enterprise version 3.08.02, consider disabling the vulnerable service until a patch is available. For NEXUS Series version 3.08.02, restrict access to the affected module to minimize the risk of exploitation. For MATRIX Series version 3.08.02, avoid using the vulnerable function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.