CVE-2024-41975

MEDIUM

An unauthenticated remote attacker can gain limited information of the PLC network but the user management of the PLCs prevents the actual access to the PLCs.

CVSS v3.1 Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Complexity

LOW

Privileges

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Published: 3/18/2025Modified: 4/15/2026

Related Intelligence (1)

CRITICALApt

ABB Automation Builder Gateway for Windows

<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-132-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>ABB became aware of severe vulnerability in the products versions listed as affected in the advisory. The Windows gateway is accessible remotely by default. Unauthenticated attackers can therefore search for PLCs, but the user managem

CVE-2024-41975

6d agoCISA Advisories

References (1)

https://cert.vde.com/en/advisories/VDE-2025-013