PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-48852 ABB CVE debrief

CISA’s advisory for ABB FLXEON Controllers says some information may be improperly disclosed through HTTPS access in firmware 9.3.4 and earlier. The vendor’s remediation is to upgrade to 9.3.5 or later, avoid direct Internet exposure, and use secure remote-access controls such as a properly maintained VPN.

Vendor: ABB
Product: FLXEON Controllers
CVSS: CRITICAL 9.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-01-23
Original CVE updated: 2025-02-14
Advisory published: 2025-01-23
Advisory updated: 2025-02-14

Who should care

Operators of ABB FLXEON Controllers and related FBXi, FBVi, FBTi, and CBXi firmware at version 9.3.4 or below, especially environments exposing device management or HTTPS services beyond an internal network.

Technical summary

The advisory describes a network-reachable information disclosure condition affecting ABB FLXEON-family firmware versions <= 9.3.4. The supplied CVSS vector indicates a network attack vector with low attack complexity, and no privileges or user interaction required. CISA’s product tree names affected FBXi, FBVi, FBTi, and CBXi firmware under ABB’s FLXEON Controllers umbrella, and recommends upgrading to firmware 9.3.5 or above.

Defensive priority

High. The CVSS score is 9.4 (Critical), the issue is network-accessible, and the remediation is straightforward: upgrade firmware and reduce exposure. Even though the supplied enrichment does not list the CVE in CISA KEV, internet-facing or remotely reachable controllers should be addressed promptly.

Recommended defensive actions

  • Upgrade ABB FLXEON-family firmware to 9.3.5 or later on all affected devices.
  • Disconnect FLXEON products from direct Internet exposure, including ISP connections and NAT port forwarding.
  • Restrict management and HTTPS access to trusted internal networks only.
  • Use a secure, fully patched VPN for any required remote access.
  • Confirm physical access controls prevent unauthorized access to devices, peripherals, and network equipment.
  • Inventory FBXi, FBVi, FBTi, and CBXi devices to verify whether any remain at version 9.3.4 or below.
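One way to carry out the inventory and exposure-check steps above, as an added example that is not ABB's or CISA's code: the CSV layout, field names and hostnames are constructed assumptions. It compares firmware versions numerically rather than as strings, so a later patch level such as 9.3.10 is not mistaken for an affected build, and it ranks internet-exposed devices first.

```python
import csv
import io
import re

# Product families named in the CISA product tree, and the first fixed firmware.
AFFECTED_FAMILIES = {"FLXEON", "FBXi", "FBVi", "FBTi", "CBXi"}
FIXED_VERSION = (9, 3, 5)

# Constructed sample inventory; hostnames, columns and values are hypothetical.
SAMPLE_INVENTORY = """hostname,family,firmware,exposure
bms-ctl-01,FBXi,9.3.4,internal
bms-ctl-02,FBVi,9.3.5,internal
bms-ctl-03,CBXi,9.3.10,internal
bms-ctl-04,FBTi,9.2.1,internet
bms-ctl-05,FBXi,9.3.4,internet
hvac-gw-01,OtherVendor,1.0.0,internet
"""


def parse_version(text):
    """Turn '9.3.4' into (9, 3, 4); tolerates trailing suffixes like '9.3.4b'."""
    nums = re.findall(r"\d+", text)
    if not nums:
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(n) for n in nums[:3])


def is_affected(family, firmware):
    """True when the device is a FLXEON-family unit below the fixed firmware."""
    return family in AFFECTED_FAMILIES and parse_version(firmware) < FIXED_VERSION


def triage(inventory_csv):
    """Return affected devices as dicts, internet-exposed ones first."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if is_affected(row["family"], row["firmware"]):
            findings.append({
                "hostname": row["hostname"],
                "firmware": row["firmware"],
                "exposure": row["exposure"],
                "priority": "urgent" if row["exposure"] == "internet" else "high",
            })
    findings.sort(key=lambda f: (f["priority"] != "urgent", f["hostname"]))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f"{f['priority']:6} {f['hostname']:12} {f['firmware']:8} {f['exposure']}")
```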

Evidence notes

The vulnerability description and affected-version scope come from the CISA CSAF advisory for ICSA-25-051-02, which lists ABB as vendor and FLXEON-family firmware versions <= 9.3.4. ABB remediation text explicitly recommends upgrading to 9.3.5 or above and avoiding direct Internet exposure. The published and modified dates are taken from the supplied CVE/timeline fields, not from this response date.

Official resources

Publicly disclosed by CISA and ABB on 2025-01-23T06:30:00Z; the source advisory was modified on 2025-02-14T00:30:00Z.