OTPulse

ANC – ABB Network Card Multiple vulnerabilities in ANC

Plan Patch · 7.32crt000006 · Apr 30, 2025
Attack Vector: Adjacent
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

Multiple vulnerabilities in ABB ANC (Automation Network Card) versions 1.1.4 and earlier allow privilege escalation through the web HMI interface. An attacker with local network access and valid user credentials could escalate to device administrator privileges and take control of the network card, potentially disrupting communications or accessing sensitive configuration data. Affected products include ANC, ANC-L, and ANC-mini. The vulnerabilities are resolved in version 1.1.5.

What this means
What could happen
An attacker on the local network with valid user credentials could escalate privileges to device administrator level and take full control of the ANC network card, potentially disrupting communications between engineering stations and industrial equipment.
Who's at risk
Organizations operating ABB Automation Network Cards (ANC, ANC-L, ANC-mini) in manufacturing, water treatment, electrical distribution, or other industrial control environments where these network cards provide communication between engineering workstations and industrial devices are affected.
How it could be exploited
An attacker with local network access and valid user login credentials can exploit privilege escalation vulnerabilities in the web HMI interface to gain administrator access to the ANC device. This allows the attacker to reconfigure network settings, access sensitive device data, or prevent legitimate engineering workstations from communicating with connected equipment.
Prerequisites
  • Network access to the ANC device's local network segment
  • Valid user credentials for the web HMI interface
  • Physical or logical access to the local network (not remotely exploitable from the internet)
  • Requires local network access (not remotely exploitable)
  • Requires valid user credentials
  • Affects device administration and control capabilities
  • Low exploit complexity
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (3)
3 with fix
Product  | Affected Versions | Fix Status
ANC      | ≤ 1.1.4           | 1.1.5
ANC-L    | ≤ 1.1.4           | 1.1.5
ANC-mini | ≤ 1.1.4           | 1.1.5
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

ANC
HOTFIX: Update ANC firmware from version 1.1.4 or earlier to version 1.1.5 or later
Long-term hardening
ANC
HARDENING: Review network access controls to the ANC device and restrict to authorized personnel on the local network only
HARDENING: Verify user credential policies and disable or reset any unnecessary user accounts on the ANC device
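
To decide which cards need the maintenance window, the affected-products table can be applied to an asset inventory. The script below is an added example, not code from ABB or OTPulse; the CSV column names (host, product, firmware) and the sample rows are constructed assumptions.

```python
import csv
import io
import re

# From the advisory: ANC, ANC-L and ANC-mini are affected up to 1.1.4; fixed in 1.1.5.
AFFECTED_PRODUCTS = {"anc", "anc-l", "anc-mini"}
FIXED_VERSION = (1, 1, 5)

# Constructed sample inventory; the column names are an assumption, not an ABB export format.
SAMPLE_INVENTORY = """host,product,firmware
eng-net-01,ANC,1.1.4
eng-net-02,ANC-L,v1.1.5
eng-net-03,ANC-mini,1.0.12
eng-net-04,anc,unknown
eng-net-05,ANC,1.1.10
eng-net-06,OtherCard,1.0.0
"""

def parse_version(text):
    """Return (major, minor, patch) or None when the string is not a dotted version."""
    m = re.fullmatch(r"\s*[vV]?(\d+)\.(\d+)\.(\d+)\s*", text or "")
    return tuple(int(p) for p in m.groups()) if m else None

def classify(product, firmware):
    """Return 'not-applicable', 'patched', 'vulnerable' or 'review' for one device."""
    if product.strip().lower() not in AFFECTED_PRODUCTS:
        return "not-applicable"
    version = parse_version(firmware)
    if version is None:
        return "review"  # unreadable version: check the device by hand
    # Tuple comparison is numeric, so 1.1.10 correctly sorts after 1.1.5.
    return "patched" if version >= FIXED_VERSION else "vulnerable"

def audit(csv_text):
    """Map each host in the inventory to its classification."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["host"]: classify(r["product"], r["firmware"]) for r in rows}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Devices reported as "review" have a firmware string the script could not parse and should be checked on the device itself before being counted as patched.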