CVE-2024-51553 is a high-severity vulnerability classified under CWE-73: External Control of File Name or Path, affecting ABB's ASPECT-Enterprise, NEXUS Series, and MATRIX Series products through version 3.*. The vulnerability arises from predictable filename handling within these systems, which could allow an attacker who has compromised administrator credentials to access sensitive information by exploiting the predictable nature of file paths or names. This flaw does not require user interaction but does require low-level privileges (administrator credentials) to exploit. The vulnerability impacts confidentiality significantly, as it can lead to unauthorized disclosure of sensitive files or data stored or processed by the affected ABB products. The CVSS 4.0 vector (AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N) indicates network attack vector, low attack complexity, partial attack type requiring privileges, no user interaction, and high impact on confidentiality, with no impact on integrity or availability. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability affects critical industrial control and enterprise management systems widely used in automation and infrastructure environments, making it a significant concern for organizations relying on ABB's ASPECT-Enterprise and related products.

For European organizations, this vulnerability poses a substantial risk, especially those in critical infrastructure sectors such as energy, manufacturing, and utilities where ABB's automation and control systems are prevalent. Exploitation could lead to unauthorized disclosure of sensitive operational data, intellectual property, or configuration files, potentially enabling further attacks or industrial espionage. Given the reliance on these systems for operational continuity, the exposure of sensitive information could also indirectly affect availability if attackers leverage the information for subsequent disruptive attacks. The requirement for administrator credentials limits the attack surface but also highlights the criticality of credential protection. European organizations with interconnected industrial control systems could face increased risk of targeted attacks, especially in countries with significant industrial bases and critical infrastructure.

Organizations should immediately review and strengthen credential management practices, including enforcing multi-factor authentication (MFA) for administrator accounts and conducting thorough audits of account usage. Network segmentation should be implemented to isolate ABB systems from broader enterprise networks, reducing exposure to credential compromise. Monitoring and logging of file access and administrative actions on ASPECT-Enterprise and related systems should be enhanced to detect anomalous behavior indicative of exploitation attempts. Until official patches are released, consider implementing compensating controls such as restricting access to predictable file paths, applying strict file permissions, and using application-layer firewalls or intrusion detection systems to monitor for suspicious file access patterns. Regularly update and patch ABB products as soon as vendor fixes become available. Additionally, conduct targeted security awareness training for administrators managing these systems to reduce the risk of credential theft.