CVE-2024-48844— Denial of Service, DoS

CVSS 7.7 · High EPSS 5.51% · P90 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-48844

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Denial of Service, DoS

Source: NVD (National Vulnerability Database)

Vulnerability Description

Denial of Service vulnerabilities where found providing a potiential for device service disruptions. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

不加限制或调节的资源分配

Source: NVD (National Vulnerability Database)

Vulnerability Title

ABB ASPECT 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

ABB ASPECT是瑞士ABB公司的一个可扩展建筑能源管理和控制解决方案。 ABB ASPECT存在安全漏洞，该漏洞源于包含一个拒绝服务漏洞，有可能造成设备服务中断。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
ABB	ASPECT-Enterprise	0 ~ 3.08.02	-
ABB	NEXUS Series	initial ~ 3.08.02	-
ABB	MATRIX Series	0 ~ 3.08.02	-

II. Public POCs for CVE-2024-48844

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-48844

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2024-48844

Same Patch Batch · ABB · 2024-12-05 · 24 CVEs total

CVE-2024-51555	10.0 CRITICAL	Force Change of Default Credentials
CVE-2024-51551	10.0 CRITICAL	Default Credentials
CVE-2024-51550	10.0 CRITICAL	Data Validation / Sanitization
CVE-2024-51549	10.0 CRITICAL	Absolute Path Traversal
CVE-2024-51545	10.0 CRITICAL	Username Enumeration
CVE-2024-11317	10.0 CRITICAL	PHP Session Fixation
CVE-2024-48839	10.0 CRITICAL	Remote Code Execution, RCE
CVE-2024-48840	10.0 CRITICAL	Unauthorized Access
CVE-2024-51548	9.9 CRITICAL	Dangerous File Upload
CVE-2024-6784	9.9 CRITICAL	SSRF Server Side Request Forgery
CVE-2024-6515	9.6 CRITICAL	unauthorized file access
CVE-2024-48845	9.4 CRITICAL	Weak Password Rules/Strength
CVE-2024-51554	9.1 CRITICAL	off-by-one-error
CVE-2024-6516	9.0 CRITICAL	Cross Site Scripting XSS
CVE-2024-48847	8.2 HIGH	MD5 bypass operation
CVE-2024-51541	8.2 HIGH	Local File Inclusion
CVE-2024-51542	8.2 HIGH	Configuration Download
CVE-2024-51543	8.2 HIGH	Information Disclosure
CVE-2024-51544	8.2 HIGH	Service Control
CVE-2024-48843	7.7 HIGH	Denial of Service, DoS

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: ASPECT-Enterprise

Same vendor: ABB

Same weakness: CWE-770

V. Comments for CVE-2024-48844

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-48844— Denial of Service, DoS

I. Basic Information for CVE-2024-48844

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-48844

III. Intelligence Information for CVE-2024-48844

Same Patch Batch · ABB · 2024-12-05 · 24 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-48844

Leave a comment