ANC – ABB Network Card Multiple vulnerabilities in ANC

Plan PatchCVSS 7.32crt000006Apr 30, 2025

ABB

Attack path

Attack VectorAdjacent

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

Multiple vulnerabilities in ABB Network Card (ANC) firmware versions 1.1.4 and earlier allow a local network attacker with user-level credentials to escalate privileges to device administrator. These vulnerabilities exist in the web HMI interface. Successful exploitation could allow an attacker to take full administrative control of the device and modify its configuration or operations. All three product variants (ANC, ANC-L, ANC-mini) are affected.

What this means

What could happen

An attacker with local network access could escalate privileges to device admin on the ABB Network Card and take full control of the device, potentially affecting power or control systems that rely on this card for communication.

Who's at risk

ABB Network Card (ANC) users managing power distribution, substation control, or industrial automation systems where the ANC provides critical communication functions. This affects utilities and industrial facilities using ANC devices for SCADA integration or protective relay communication.

How it could be exploited

An attacker on the local network with low-level credentials could exploit multiple web HMI vulnerabilities to escalate privileges to administrator level, gaining control over the network card's configuration and communication functions.

Prerequisites

Access to the local network where the ANC device is connected
Valid user-level credentials (low privilege account)

remotely exploitable from local networkrequires low-level credentialsprivilege escalation to adminaffects network infrastructure device

Exploitability

Unlikely to be exploited — EPSS score 0.1%

Affected products (3)

3 with fix

ProductAffected VersionsFix Status

ANC≤ 1.1.41.1.5

ANC-L≤ 1.1.41.1.5

ANC-mini≤ 1.1.41.1.5

Remediation & Mitigation

0/3

Do now

0/1

ANC

WORKAROUNDRestrict network access to the ANC device's web interface to authorized engineering workstations only using firewall rules or network segmentation

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

ANC

HOTFIXUpdate ANC, ANC-L, and ANC-mini devices to firmware version 1.1.5 or later

Long-term hardening

0/1

HARDENINGDisable remote access to the device's web HMI if not required for operations

CVEs (3)

CVE-2024-47784 CVE-2024-9876 CVE-2024-9877

View full ABB PSIRT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/b7fc7f6c-29c4-41d4-a8b2-397bc76c52bc

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.