CVE-2024-48841

CRITICAL

FLXEON <9.3.4 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-48841. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates an authenticated remote code execution vulnerability in ABB Cylon FLXeon controllers via command injection in the /api/users/password endpoint. The newPassword parameter is improperly escaped before being passed to ChildProcess.exec() within a usermod command, allowing arbitrary command execution.

Description

Network access can be used to execute arbitrary code with elevated privileges. This issue affects FLXEON 9.3.4 and older.

Exploits (2)

exploitdb WORKING POC
by LiquidWorm · texthardwaremultiple
https://www.exploit-db.com/exploits/52186

This exploit demonstrates an authenticated remote code execution vulnerability in ABB Cylon FLXeon controllers via command injection in the /api/users/password endpoint. The newPassword parameter is improperly escaped before being passed to ChildProcess.exec() within a usermod command, allowing arbitrary command execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: ABB Cylon FLXeon Series (FBXi, FBTi, FBVi, FLX, CBT, CBV) Firmware <=9.3.4
Auth required
Prerequisites: Valid credentials for authentication · Network access to the target device
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by LiquidWorm · texthardwaremultiple
https://www.exploit-db.com/exploits/52188

This exploit demonstrates authenticated remote code execution (RCE) in ABB Cylon FLXeon BACnet controllers via command injection in the /api/timeConfig endpoint. The PoC uses curl to send maliciously crafted JSON payloads with backtick-enclosed commands in multiple fields, exploiting improper input validation in timeConfig.js.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: ABB Cylon FLXeon Series (Firmware <=9.3.4)
Auth required
Prerequisites: Valid credentials for authentication · Network access to the target device · BACnet controller with vulnerable firmware
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 10.0
EPSS 0.0625
EPSS Percentile 91.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-77
Status published
Products (1)
ABB/FLXEON < 9.3.4
Published Jan 27, 2025
Tracked Since Feb 18, 2026