CVE-2024-12429 MEDIUM

CVE-2024-12429

Vendor Abb
Product AC500 V3
Weakness CWE-22 · Path traversal
Published January 7, 2025
Last update November 3, 2025

CVSS base score

5.1/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

An attacker who successfully exploited these vulnerabilities could grant read access to files. A vulnerability exists in the AC500 V3 version mentioned. A successfully authenticated attacker can use this vulnerability to read system wide files and configuration All AC500 V3 products (PM5xxx) with firmware version earlier than 3.8.0 are affected by this vulnerability.

Key dates

02Disclosure timeline

January 7, 2025 CVE published
November 3, 2025 Record updated