CVE-2024-48842

HIGH
2025-09-17 [email protected]
7.3
CVSS 4.0
Share

CVSS Vector

CVSS:4.0/AV:P/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Physical
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Mar 28, 2026 - 19:12 vuln.today
CVE Published
Sep 17, 2025 - 15:15 nvd
HIGH 7.3

Tags

Authentication Bypass Abb

Description

Use of Hard-coded Credentials vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5 and newer versions

Analysis

Use of Hard-coded Credentials vulnerability in ABB FLXEON.3.5 and newer versions. Rated high severity (CVSS 7.3). No vendor patch available.

Technical Context

This vulnerability is classified as Use of Hard-coded Credentials (CWE-798), which allows attackers to gain access using credentials embedded in source code. Use of Hard-coded Credentials vulnerability in ABB FLXEON.3.5 and newer versions Version information: through 9.3.5.

Affected Products

ABB FLXEON.This.

Remediation

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Remove hard-coded credentials, use environment variables or secrets management, rotate exposed credentials immediately.

Priority Score

37
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +36
POC: 0

Share

CVE-2024-48842 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy