CVE-2024-10334

High

Published: 10 February 2025

Published

10 February 2025

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

EPSS Score 0.0011 29.3th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Description

A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used. An attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed. This issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X.

Security Summary

CVE-2024-10334 is a vulnerability in the VideONet product included in ABB System 800xA versions 5.1.X, 6.0.3.X, 6.1.1.X, and 6.2.X where VideONet is used. Associated with CWE-256, it has a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H).

An attacker with local access, low privileges, and able to meet low complexity requirements can exploit the vulnerability without user interaction. Successful exploitation could allow the attacker to stop or manipulate the video feed in the worst case, achieving high confidentiality impact, low integrity impact, and high availability impact.

Mitigation details are outlined in the ABB security advisory at https://search.abb.com/library/Download.aspx?DocumentID=7PAA012159&LanguageCode=en&DocumentPartId=&Action=Launch.

Details

CWE(s): CWE-256

References

https://search.abb.com/library/Download.aspx?DocumentID=7PAA012159&LanguageCode=en&DocumentPartId=&Action=Launch
cybersecurity@ch.abb.com