ABB reports critical vulnerability in ASPECT-Enterprise, NEXUS, and MATRIX devices
Take action: If you are using ASPECT-Enterprise, NEXUS, and MATRIX series devices, make sure they are isolated from the internet and accessible only from limited trusted networks. If they are connected to the internet, DISCONNECT IMMEDIATELY. Also limit physical access to the devices, and patch them ASAP.
Learn More
ABB is reporting a critical security vulnerability affecting their industrial control system products, including ASPECT-Enterprise, NEXUS, and MATRIX series devices.
The vulnerability is tracked as CVE-2024-51547 (CVSS score 9.8) and enables attackers to gain unauthorized access to devices without proper authentication. This vulnerability stems from the presence of hard-coded credentials in plain text within the firmware of these devices.
Affected ABB products:
- ABB ASPECT®-Enterprise ASP-ENT-x: Versions 3.08.03 and prior
- ABB NEXUS Series NEX-2x: Versions 3.08.03 and prior
- ABB NEXUS Series: Versions 3.08.03 and prior
- ABB MATRIX Series MAT-x: Versions 3.08.03 and prior
These affected systems are deployed worldwide and are particularly crucial in critical manufacturing infrastructure sectors. The vulnerability was reported to CISA by Gjoko Krstikj of Zero Science Lab.
ABB has issued mitigation guidance through their cybersecurity advisory (9AKK108470A6775). Key actions include immediately disconnecting any ASPECT products directly exposed to the Internet, implementing strict physical access controls, protecting log files from unauthorized access, upgrading to the latest firmware version, and ensuring secure remote access methods through properly configured and updated VPNs.
