Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2024-48844

CWE-770Allocation without Limits4 documents4 sources
Severity
7.2HIGH
EPSS
4.1%
top 11.35%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
22
ABB Aspect-ent-12 FirmwareABB Aspect-ent-256 FirmwareABB Aspect-ent-2 Firmware+19 more
Timeline
PublishedDec 5
Latest updateApr 15

Description

Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H

Affected Packages22 packages

CVEListV5abb/nexus_seriesinitial3.08.02
CVEListV5abb/matrix_series3.08.02
CVEListV5abb/aspect-enterprise3.08.02
NVDabb/matrix-11_firmware< 3.08.03
NVDabb/nexus-264_firmware< 3.08.03

🔴Vulnerability Details

2
GHSA
GHSA-8r6w-mfx6-6726: Denial of Service vulnerabilities where found providing a potiential for device service disruptions2024-12-05
CVEList
Denial of Service, DoS2024-12-05

💥Exploits & PoCs

1
Exploit-DB
ABB Cylon Aspect 3.08.02 (escDevicesUpdate.php) - Denial of Service (DOS)2025-04-15
CVE-2024-48844 (HIGH CVSS 7.2) | Denial of Service vulnerabilities w | cvebase.io