CVE-2024-48843 ABB CVE debrief

Who should care

Organizations operating ABB ASPECT building automation systems including facility management teams, critical infrastructure operators, smart building integrators, and security teams responsible for OT/ICS environments.

Technical summary

CVE-2024-48843 encompasses SQL injection vulnerabilities in ABB's ASPECT building automation platform affecting Enterprise, NEXUS, and MATRIX product lines through version 3.08.02. The vulnerability permits unintended information disclosure through crafted database queries. Attack complexity is rated HIGH per CVSS 3.1 vector (AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N), requiring low privileges but no user interaction. The changed scope (S:C) indicates impact beyond the vulnerable component. Remediation requires upgrading to ASPECT version 3.08.03 or later across all affected product variants.

Defensive priority

HIGH

Recommended defensive actions

• Upgrade affected ABB ASPECT systems to version 3.08.03 or later
• Apply network segmentation for building automation systems per CISA ICS recommended practices
• Restrict network access to ASPECT management interfaces to authorized administrative hosts only
• Monitor for anomalous database query patterns in ASPECT application logs
• Review and validate input sanitization on any custom integrations with ASPECT systems

Evidence notes

CISA CSAF advisory ICSA-25-007-01 documents SQL injection vulnerabilities in ASPECT systems with revision history tracking patch releases: initial publication 2024-07-03, update for version 3.08.02 availability 2024-08-20, update for version 3.08.03 availability 2024-11-28, and acknowledgment correction 2024-12-05. Affected product IDs CSAFPID-0001, CSAFPID-0007, CSAFPID-0013, CSAFPID-0019 cover ASP-ENT-x, NEX-2x, NEXUS-3-x, and MAT-x respectively.

Official resources