CVE-2024-51552 is a high-severity vulnerability affecting ABB's ASPECT-Enterprise, NEXUS Series, and MATRIX Series products up to version 3.*, where administrator credentials are stored in a recoverable format. This vulnerability falls under CWE-257, which concerns the improper storage of passwords in a manner that allows them to be retrieved in plaintext or easily reversible form. Specifically, the affected ABB products store administrator passwords in a way that, if an attacker gains access to the system or database, they can recover the original passwords rather than just hashed or irreversibly transformed values. The CVSS 4.0 score of 7.1 indicates a high impact with network attack vector, low attack complexity, and requiring privileges with high confidentiality impact. The vulnerability does not require user interaction but does require privileged access to exploit, which means an attacker would first need to compromise an account with elevated privileges or gain access to the system to extract stored credentials. The vulnerability affects multiple ABB industrial control and enterprise management systems, which are often used in critical infrastructure and industrial environments. Although no known exploits are currently in the wild, the recoverable password storage significantly increases the risk of credential theft and lateral movement within affected environments once initial access is gained. This vulnerability can lead to further compromise of the affected systems and potentially other connected networks due to the reuse or escalation of administrator credentials.

For European organizations, especially those in critical infrastructure sectors such as energy, manufacturing, and utilities that rely on ABB's ASPECT-Enterprise and related products, this vulnerability poses a significant risk. Compromise of administrator credentials can lead to unauthorized access to control systems, manipulation of industrial processes, and disruption of services. The recoverable password storage increases the likelihood of credential theft and subsequent attacks such as privilege escalation, lateral movement, and persistent access. This can result in operational downtime, safety hazards, data breaches, and regulatory non-compliance under frameworks like NIS2 and GDPR. Given the strategic importance of industrial control systems in Europe and the widespread use of ABB products, the vulnerability could have cascading effects on supply chains and critical services. Additionally, the high confidentiality impact means sensitive operational data could be exposed, further increasing the risk to European organizations.

European organizations should immediately audit their ABB ASPECT-Enterprise, NEXUS, and MATRIX Series deployments to identify affected versions. Since no patches are currently available, organizations should implement compensating controls such as: 1) Restricting and monitoring access to systems storing administrator credentials to minimize the risk of privileged account compromise. 2) Enforcing strong network segmentation and zero-trust principles around industrial control systems to limit lateral movement opportunities. 3) Implementing multi-factor authentication (MFA) for all privileged accounts to reduce the risk of credential misuse. 4) Regularly rotating administrator passwords and using external vaults or hardware security modules (HSMs) for credential storage where possible. 5) Enhancing logging and anomaly detection to quickly identify suspicious access patterns or credential extraction attempts. 6) Engaging with ABB support for updates or patches and planning for timely deployment once available. 7) Conducting security awareness training focused on privileged account security for administrators and operators.