PatchSiren cyber security CVE debrief
CVE-2024-3036 ABB CVE debrief
CVE-2024-3036 is a medium-severity vulnerability in ABB 800xA Base, an industrial control system platform used in process automation environments. Published on June 5, 2024, and last modified on May 19, 2026, this vulnerability allows an attacker with adjacent network access and low privileges to cause denial of service conditions by sending specially crafted messages that crash system services. The vulnerability carries a CVSS 3.1 score of 5.7, reflecting its localized attack vector but high availability impact. ABB has released patches across multiple product branches, with fixes available in versions 6.2.0-0, 6.1.1-3, and 6.0.3-10. Organizations operating affected systems should prioritize patching, particularly given the critical infrastructure contexts where 800xA Base is typically deployed.
- Vendor
- ABB
- Product
- 800xA Base
- CVSS
- MEDIUM 5.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-06-05
- Original CVE updated
- 2026-05-19
- Advisory published
- 2024-06-05
- Advisory updated
- 2026-05-19
Who should care
Organizations operating ABB 800xA distributed control systems in process industries including oil and gas, chemicals, power generation, pulp and paper, and mining. System integrators and maintenance providers supporting these installations should also prioritize awareness and patch deployment.
Technical summary
CVE-2024-3036 affects ABB 800xA Base versions 6.1.1-2 and earlier, and 6.0.3-9 and earlier. The vulnerability is triggered by crafted network messages that cause service crashes, resulting in denial of service. The attack requires adjacent network access and low privileges, with no user interaction needed. The CVSS 3.1 vector (AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C) indicates high availability impact with proof-of-concept exploit existence. ABB has addressed this through multiple patch releases: 6.2.0-0 (part of System 800xA 6.2.0.0), 6.1.1-3 (part of System 800xA 6.1.1.2), and 6.0.3-10 (RollUp for 6.0.3.x branch, released September 2025). IPSec implementation provides network-layer mitigation for unpatched systems.
Defensive priority
medium
Recommended defensive actions
- Apply vendor patches: Update ABB 800xA Base to version 6.2.0-0, 6.1.1-3, or 6.0.3-10 depending on your system branch. The 6.0.3-10 RollUp released in September 2025 requires System 800xA 6.0.3.4 as a prerequisite.
- Enable IPSec: As an interim workaround, implement IPSec according to ABB user documentation to protect against network-based exploitation attempts.
- Review general security recommendations: Consult ABB's security documentation for additional hardening guidance specific to your deployment.
- Monitor for service crashes: Implement logging and alerting for unexpected service terminations that may indicate exploitation attempts.
- Plan migration to active versions: If running end-of-life versions, develop a migration plan to actively supported product branches to ensure continued security updates.
Evidence notes
The vulnerability description and affected product versions are drawn from CISA's CSAF-formatted advisory. CVSS vector and remediation details are sourced from the same advisory. The May 19, 2026 modification reflects CISA republication based on ABB advisory 7PAA013309.
Official resources
-
CVE-2024-3036 CVE record
CVE.org
-
CVE-2024-3036 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
CVE-2024-3036 was disclosed on June 5, 2024, through CISA's ICS advisory program (ICSA-24-177-01). The advisory has undergone seven revisions, with significant updates in January and May 2026 confirming patch availability for the 6.0.3-x LK