Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2024-48852Log File Information Exposure in Flxeon

CWE-532Log File Information Exposure4 documents4 sources
Severity
6.9MEDIUMNVD
EPSS
2.7%
top 14.09%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
ABB Flxeon
Timeline
PublishedJan 29
Latest updateApr 11

Description

Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access. This issue affects FLXEON through <= 9.3.4.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages1 packages

CVEListV5abb/flxeon<= 9.3.4

🔴Vulnerability Details

2
CVEList
Information disclosures2025-01-29
GHSA
GHSA-pgg6-pq85-wxjf: Insertion of Sensitive Information into Log File vulnerability observed in FLEXON2025-01-29

💥Exploits & PoCs

1
Exploit-DB
ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure2025-04-11
CVE-2024-48852 — Log File Information Exposure in ABB | cvebase