ABB Automation Builder Gateway for Windows — CVE-2024-41975
CISA ICS · CISA · CVE-2024-41975
ID
CVE-2024-41975
CVE-2024-41975
Date
Activity
Source
CISA ICS
CISA ICS
Vendor
CISA
CISA
Threat
medium
medium
Summary
View CSAF Summary ABB became aware of severe vulnerability in the products versions listed as affected in the advisory. The Windows gateway is accessible remotely by default. Unauthenticated attackers can therefore search for PLCs, but the user management of the PLCs prevents the actual access to the PLCs – unless it is disabled The following versions of ABB Automation Builder Gateway for Windows are affected:…
Product
ICS Advisory
What to do
General, cautious steps (verify details in the official source):
- Review exposure and plan remediation based on risk and environment.
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.