CVE-2024-47784
published 2025-04-30CVE-2024-47784: Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI…
low2.1CVSS 4.0
AVAACHATNPRLUINVCNVILVANSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRUVXREXUX
Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI
This issue affects ANC software version 1.1.4 and earlier.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| abb | anc | <= 1.1.4 | — |
| abb | anc-l | <= 1.1.4 | — |
| abb | anc-mini | <= 1.1.4 | — |