Skip to main content

CVE-2024-51547: CWE-798 Use of Hard-coded Credentials in ABB ASPECT-Enterprise

Critical
VulnerabilityCVE-2024-51547cvecve-2024-51547cwe-798
Published: Thu Feb 06 2025 (02/06/2025, 04:12:30 UTC)
Source: CVE
Vendor/Project: ABB
Product: ASPECT-Enterprise

Description

Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series.This issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.

AI-Powered Analysis

AILast updated: 07/08/2025, 04:57:20 UTC

Technical Analysis

CVE-2024-51547 is a critical vulnerability classified under CWE-798, indicating the use of hard-coded credentials in ABB's industrial software products: ASPECT-Enterprise, NEXUS Series, and MATRIX Series, all up to version 3.*. Hard-coded credentials are embedded static usernames and passwords within the software code or configuration files, which cannot be changed by the end user. This vulnerability allows an unauthenticated attacker to remotely access affected systems without any user interaction or prior authentication. The CVSS 4.0 base score of 9.3 reflects the high severity, with attack vector being network-based (AV:N), no attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). The impact on confidentiality, integrity, and availability is high (VC:H, VI:H, VA:H), meaning an attacker can fully compromise the system, exfiltrate sensitive data, manipulate or disrupt operations. The vulnerability affects critical industrial control and automation software widely used in sectors such as energy, manufacturing, and utilities. The lack of available patches at the time of publication increases the risk, although no known exploits in the wild have been reported yet. Given the nature of these products, exploitation could lead to unauthorized control over industrial processes, potentially causing operational disruptions, safety hazards, and significant economic damage.

Potential Impact

For European organizations, especially those operating critical infrastructure like power grids, manufacturing plants, and water treatment facilities, this vulnerability poses a severe risk. ABB's ASPECT-Enterprise and related products are commonly deployed in European industrial environments. Exploitation could lead to unauthorized access to control systems, enabling attackers to manipulate industrial processes, cause production downtime, or even physical damage to equipment. Confidentiality breaches could expose sensitive operational data or intellectual property. Integrity violations could result in falsified sensor readings or control commands, undermining system reliability and safety. Availability impacts could disrupt essential services, affecting not only the targeted organization but also downstream customers and the public. The critical severity and ease of exploitation without authentication make this a high-priority threat for European critical infrastructure operators, industrial enterprises, and managed service providers supporting these sectors.

Mitigation Recommendations

1. Immediate risk reduction should focus on network segmentation and access controls to isolate affected ABB systems from untrusted networks, minimizing exposure to potential attackers. 2. Implement strict firewall rules to restrict inbound and outbound traffic to only trusted sources and necessary protocols. 3. Monitor network traffic and system logs for unusual authentication attempts or access patterns indicative of exploitation attempts. 4. Employ intrusion detection and prevention systems (IDS/IPS) tuned for industrial protocols and ABB product signatures. 5. Coordinate with ABB for timely patch releases or official workarounds; if unavailable, consider temporary compensating controls such as disabling vulnerable services or changing default configurations where possible. 6. Conduct thorough audits of all ABB product deployments to identify affected versions and prioritize remediation. 7. Train operational technology (OT) and IT security teams on this vulnerability and incident response procedures tailored to industrial environments. 8. Establish incident response plans specifically addressing potential exploitation scenarios of hard-coded credentials in industrial control systems.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
ABB
Date Reserved
2024-10-29T11:48:54.543Z
Cisa Enriched
true
Cvss Version
4.0
State
PUBLISHED

Threat ID: 682f6b520acd01a249264656

Added to database: 5/22/2025, 6:22:10 PM

Last enriched: 7/8/2025, 4:57:20 AM

Last updated: 8/3/2025, 2:10:32 PM

Views: 14

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats