CVE-2024-12430

An attacker who successfully exploited these vulnerabilities could cause enable command execution. A vulnerability exists in the AC500 V3 version mentioned. After successfully exploiting CVE-2024-12429 (directory traversal), a successfully authenticated attacker can inject arbitrary commands into a specifically crafted file, which then will be executed by root user. All AC500 V3 products (PM5xxx) with firmware version earlier than 3.8.0 are affected by this vulnerability.

CVSS v3 7.0 HIGH

7.0^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.0 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://search.abb.com/library/Download.aspx?DocumentID=3ADR011377&LanguageCode=en&DocumentPartId=&Action=Launch
http://seclists.org/fulldisclosure/2025/Jan/5

Configurations

No configuration.

History

03 Nov 2025, 22:16

Type	Values Removed	Values Added
Summary		(es) Un atacante que aproveche con éxito estas vulnerabilidades podría provocar la ejecución de comandos de habilitación. Existe una vulnerabilidad en la versión AC500 V3 mencionada. Después de explotar con éxito CVE-2024-12429 (directory traversal), un atacante autenticado con éxito puede inyectar comandos arbitrarios en un archivo específicamente manipulado, que luego será ejecutado por el usuario superusuario. Todos los productos AC500 V3 (PM5xxx) con una versión de firmware anterior a la 3.8.0 se ven afectados por esta vulnerabilidad.
References		() http://seclists.org/fulldisclosure/2025/Jan/5 -

07 Jan 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-07 17:15

Updated : 2025-11-03 22:16

NVD link : CVE-2024-12430

Mitre link : CVE-2024-12430

CVE.ORG link : CVE-2024-12430

JSON object : View

Products Affected

No product.

CWE

CWE-280

Improper Handling of Insufficient Permissions or Privileges

{"id": "CVE-2024-12430", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cybersecurity@ch.abb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}], "cvssMetricV40": [{"type": "Secondary", "source": "cybersecurity@ch.abb.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.3, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-01-07T17:15:20.703", "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR011377&LanguageCode=en&DocumentPartId=&Action=Launch", "source": "cybersecurity@ch.abb.com"}, {"url": "http://seclists.org/fulldisclosure/2025/Jan/5", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "cybersecurity@ch.abb.com", "description": [{"lang": "en", "value": "CWE-280"}]}], "descriptions": [{"lang": "en", "value": "An attacker who successfully exploited these vulnerabilities could cause enable command execution. A vulnerability exists in the AC500 V3 version mentioned. After successfully exploiting CVE-2024-12429 (directory traversal), a successfully authenticated attacker can inject arbitrary commands into a specifically crafted file, which then will be executed by root user.\nAll AC500 V3 products (PM5xxx) with firmware version earlier than 3.8.0 are affected by this vulnerability."}, {"lang": "es", "value": "Un atacante que aproveche con \u00e9xito estas vulnerabilidades podr\u00eda provocar la ejecuci\u00f3n de comandos de habilitaci\u00f3n. Existe una vulnerabilidad en la versi\u00f3n AC500 V3 mencionada. Despu\u00e9s de explotar con \u00e9xito CVE-2024-12429 (directory traversal), un atacante autenticado con \u00e9xito puede inyectar comandos arbitrarios en un archivo espec\u00edficamente manipulado, que luego ser\u00e1 ejecutado por el usuario superusuario. Todos los productos AC500 V3 (PM5xxx) con una versi\u00f3n de firmware anterior a la 3.8.0 se ven afectados por esta vulnerabilidad."}], "lastModified": "2025-11-03T22:16:39.697", "sourceIdentifier": "cybersecurity@ch.abb.com"}