ICSA-25-051-02 · Published 2025-02-14
View on CISA ICS-CERT ↗
ABB FLXEON Controllers
CVSS 10.0 CRITICAL
CVEs (3)
Remediations
- Stop and disconnect any FLXEON products that are exposed directly to the Internet, either via a direct ISP connection or via NAT port forwarding.
- Ensure that physical controls are in place, so no unauthorized personnel can access your devices, components, peripheral equipment, and networks.
- Ensure that all FLXEON products are upgraded to the latest firmware version (9.3.5 or above). Please find the latest version of FLXEON firmware on the respective product homepage.
- When remote access is required, only use secure methods. If a Virtual Private Network (VPN) is used, ensure that the chosen VPN is secure, i.e. updated to the most current version available and configured for secure access.
Affected Vendors
ABB
Affected Products (8)
ABB · FBXi <=9.3.4
ABB · FBXi >=9.3.5
ABB · <=9.3.4 <=9.3.4
ABB · >=9.3.5 >=9.3.5
ABB · <=9.3.4 <=9.3.4
ABB · >=9.3.5 >=9.3.5
ABB · <=9.3.4 <=9.3.4
ABB · >=9.3.5 >=9.3.5
Affected Sectors
Critical manufacturing