CVE-2024-3036

Improper Input Validation vulnerability in ABB 800xA Base. An attacker who successfully exploited this vulnerability could cause services to crash by sending specifically crafted messages. This issue affects 800xA Base: from 6.0.0 through 6.1.1-2.

CVSS v3 5.7 MEDIUM

5.7^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.1 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch
https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch

Configurations

No configuration.

History

08 Sep 2025, 10:15

Type	Values Removed	Values Added
CWE	~~CWE-20~~	CWE-1284

21 Nov 2024, 09:28

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de validación de entrada incorrecta en ABB 800xA Base. Un atacante que aprovechara con éxito esta vulnerabilidad podría provocar que los servicios fallaran al enviar mensajes específicamente diseñados. Este problema afecta a 800xA Base: desde 6.0.0 hasta 6.1.1-2.
References	~~() https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch -~~	() https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch -

21 Jun 2024, 11:22

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-21 11:15

Updated : 2025-09-08 10:15

NVD link : CVE-2024-3036

Mitre link : CVE-2024-3036

CVE.ORG link : CVE-2024-3036

JSON object : View

Products Affected

No product.

CWE

CWE-1284

Improper Validation of Specified Quantity in Input

{"id": "CVE-2024-3036", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cybersecurity@ch.abb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.1}], "cvssMetricV40": [{"type": "Secondary", "source": "cybersecurity@ch.abb.com", "cvssData": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "AUTOMATIC", "baseScore": 6.9, "Automatable": "YES", "attackVector": "ADJACENT", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:A/V:D/RE:M/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2024-06-21T11:15:12.553", "references": [{"url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch", "source": "cybersecurity@ch.abb.com"}, {"url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA013309&LanguageCode=en&DocumentPartId=&Action=Launch", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "cybersecurity@ch.abb.com", "description": [{"lang": "en", "value": "CWE-1284"}]}], "descriptions": [{"lang": "en", "value": "Improper Input Validation vulnerability in ABB 800xA Base.\nAn attacker who successfully exploited this \nvulnerability could cause services to crash by sending specifically crafted messages.\nThis issue affects 800xA Base: from 6.0.0 through 6.1.1-2."}, {"lang": "es", "value": "Vulnerabilidad de validaci\u00f3n de entrada incorrecta en ABB 800xA Base. Un atacante que aprovechara con \u00e9xito esta vulnerabilidad podr\u00eda provocar que los servicios fallaran al enviar mensajes espec\u00edficamente dise\u00f1ados. Este problema afecta a 800xA Base: desde 6.0.0 hasta 6.1.1-2."}], "lastModified": "2025-09-08T10:15:34.867", "sourceIdentifier": "cybersecurity@ch.abb.com"}