CVE-2024-8036 MEDIUM

CVE-2024-8036: Unauthorized Modifications of Firmware and Configuration

Vendor Abb
Product Relion Protection Relays RE_611 IEC
Weakness CWE-347
Published October 25, 2024
Last update October 30, 2024

CVSS base score

5.9/10
Attack vector Adjacent
Attack complexity High
Privileges required High
User interaction Required
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H

What the vulnerability does

01Description

ABB is aware of privately reported vulnerabilities in the product versions referenced in this CVE. An attacker could exploit these vulnerabilities by sending a specially crafted firmware or configuration to the system node, causing the node to stop, become inaccessible, or allowing the attacker to take control of the node.

Key dates

02Disclosure timeline

October 25, 2024 CVE published
October 30, 2024 Record updated