CVE-2024-8036

Unauthorized Modifications of Firmware and Configuration

CVSS 4.6 MEDIUMEPSS 0.1%CWE-347

ABB is aware of privately reported vulnerabilities in the product versions referenced in this CVE. An attacker could exploit these vulnerabilities by sending a specially crafted firmware or configuration to the system node, causing the node to stop, become inaccessible, or allowing the attacker to take control of the node.

CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/S:P/AU:N/R:I/V:D/RE:H/U:Amber

Produtos afetados

ABB · 620 Series IEC/CN ABB · ARG600/ARP600/ARR600/ARC600 single SIM ABB · ARG600/ARP600 dual SIM ABB · ARM600 ABB · COM600 ABB · COM600F ANSI ABB · RBX615 ABB · RE_630 ABB · REC601/RER601 ABB · REC603/RER603 ABB · REF542plus ABB · Relion Protection Relays 615 series ANSI ABB · Relion Protection Relays 615 series CN ABB · Relion Protection Relays 615 series IEC ABB · Relion Protection Relays RE_611 IEC ABB · Relion Protection Relays REC615 ABB · Relion Protection Relays RED615 IEC ABB · Relion Protection Relays REF615 ANSI ABB · Relion Protection Relays REF615 IEC ABB · Relion Protection Relays REF615R ANSI ABB · Relion Protection Relays RER615 ABB · Relion Protection Relays REX610 ABB · Relion Protection Relays REX615 ABB · Relion Protection Relays REX640 ABB · RER620 ANSI ABB · RIO600 ABB · Smart Substation Control and Protection SSC600 ABB · SPA ZC-400 ABB · SPA ZC-402 ABB · Substation Merging Unit SMU615 ABB · SUE 3000

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://search.abb.com/library/Download.aspx?DocumentID=2NGA001911&LanguageCode=en&DocumentPartId=&Action=Launch