CVE-2024-48841
Published: 27 January 2025
Summary
CVE-2024-48841 is a critical-severity Command Injection (CWE-77) vulnerability in ABB (inferred from references). Its CVSS base score is 10.0 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 8.9% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-48841 is a command injection vulnerability (CWE-77) that permits arbitrary code execution with elevated privileges over a network connection. The flaw affects FLXEON versions 9.3.4 and earlier.
An unauthenticated attacker with network access can exploit the issue without user interaction and fully compromise the confidentiality, integrity, and availability of the affected system, which corresponds to the maximum CVSS 4.0 score of 10.0.
The vendor advisory published by ABB at https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A5684&LanguageCode=en&DocumentPartId=PDF&Action=Launch addresses mitigation steps for the affected FLXEON releases.
EPSS scores for the CVE rose from a low baseline to a recorded peak of 0.0825, indicating measurable post-disclosure exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-43245
Vulnerability details
Network access can be used to execute arbitrary code with elevated privileges. This issue affects FLXEON 9.3.4 and older.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Direct unauthenticated RCE over network on public-facing app (T1190) with scope expansion to elevated privileges (T1068).
Mitigating Controls (NIST 800-53 r5)
Requires timely remediation of identified flaws, directly addressing this command injection vulnerability by patching affected FLXEON versions.
Enforces validation of network information inputs to block malicious commands that enable arbitrary code execution.
Monitors and controls communications at external boundaries to restrict unauthenticated network access required for remote exploitation.