CVE-2024-3036

EPSS 0.08%
Published 21.06.2024 11:15:12
Last modified 08.09.2025 10:15:34
Source cybersecurity@ch.abb.com
Teams watchlist Login
Open Login

Improper Input Validation vulnerability in ABB 800xA Base.
An attacker who successfully exploited this 
vulnerability could cause services to crash by sending specifically crafted messages.
This issue affects 800xA Base: from 6.0.0 through 6.1.1-2.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorABB

≫

Product 800xA Base

Default Statusunaffected

Version <= 6.1.1-2

Version 6.0.0

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.248

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
cybersecurity@ch.abb.com	6.9	0	0	CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:A/V:D/RE:M/U:X
cybersecurity@ch.abb.com	5.7	2.1	3.6	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-1284 Improper Validation of Specified Quantity in Input

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch

https://nvd.nist.gov/vuln/detail/CVE-2024-3036

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-3036

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-3036

EUVD