Cyber Resilience

CVE-2024-48841

Severity: Critical · Type: RCE

Published: 27 January 2025

Modified: 15 April 2026
KEV Added: not listed (not currently in the CISA KEV catalog)
CVSS Score (v4): 10.0 · CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0625 (91.1st percentile)
Risk Priority: 24 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-48841 is a critical-severity Command Injection (CWE-77) vulnerability in ABB FLXEON (vendor inferred from references). Its CVSS base score is 10.0 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 8.9% of all CVEs by exploit likelihood (EPSS) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-48841 is a command injection vulnerability (CWE-77) that permits arbitrary code execution with elevated privileges over a network connection. The flaw affects FLXEON versions 9.3.4 and earlier.

Unauthenticated attackers with network access can exploit the issue without user interaction or credentials to achieve full control over confidentiality, integrity, and availability on the affected system, corresponding to the maximum CVSS 4.0 score of 10.0.

The vendor advisory published by ABB at https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A5684&LanguageCode=en&DocumentPartId=PDF&Action=Launch describes the mitigation steps for the affected FLXEON releases.

EPSS scores for the CVE rose from a low baseline to a recorded peak of 0.0825, indicating measurable post-disclosure exploitation interest.

Vulnerability details

Network access can be used to execute arbitrary code with elevated privileges. This issue affects FLXEON 9.3.4 and older.

CWE(s): CWE-77 (Command Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques

- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
- T1068 Exploitation for Privilege Escalation (Privilege Escalation): Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

Direct unauthenticated RCE over network on public-facing app (T1190) with scope expansion to elevated privileges (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

- CVE-2026-38707 (shared CWE-77)
- CVE-2025-55227 (shared CWE-77)
- CVE-2026-23778 (shared CWE-77)
- CVE-2026-49199 (shared CWE-77)
- CVE-2025-64424 (shared CWE-77)
- CVE-2026-38703 (shared CWE-77)
- CVE-2024-53945 (shared CWE-77)
- CVE-2026-38702 (shared CWE-77)
- CVE-2025-22939 (shared CWE-77)
- CVE-2025-22941 (shared CWE-77)

Affected Assets

ABB (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

- SI-2 Flaw Remediation (prevent): requires timely remediation of identified flaws, directly addressing this command injection vulnerability by patching affected FLXEON versions.
- SI-10 Information Input Validation (prevent): enforces validation of network information inputs to block malicious commands that enable arbitrary code execution.
- Boundary protection (prevent): monitors and controls communications at external boundaries to restrict the unauthenticated network access required for remote exploitation.
