CVE-2024-48852

CRITICAL

ABB FLXEON <= 9.3.4 - Sensitive Information Disclosure via Log File Insertion

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-48852. PoCs published by LiquidWorm.

AI-analyzed exploit summary: This exploit demonstrates an authenticated information disclosure vulnerability in ABB Cylon FLXeon controllers. It leverages a curl command to access system logs via an API endpoint, exposing sensitive data such as OpenSSL passwords used for stored certificates.

Description

An Insertion of Sensitive Information into Log File vulnerability was observed in FLXEON. Some information may be improperly disclosed through HTTPS access. This issue affects FLXEON versions up to and including 9.3.4.

Exploits (1)

exploitdb WORKING POC
by LiquidWorm · text · hardware · multiple
https://www.exploit-db.com/exploits/52178

Classification: Working PoC 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: ABB Cylon FLXeon Series (FBXi, FBTi, FBVi, FLX, CBT, CBV) with firmware <=9.3.4
Auth required
Prerequisites: valid authentication cookie (user_sid) · network access to the target device
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 9.4
EPSS 0.0259
EPSS Percentile 86.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE CWE-532
Status published
Products (1)
ABB/FLXEON <= 9.3.4
Published Jan 29, 2025
Tracked Since Feb 18, 2026